Last modified: 15 March 2021
Jaiota Pte. Ltd. (UEN: 202020996R) (“we”, “us”, “our”) operate www.jaiota.com (“Site”) and the Jaiota software web and mobile applications (“App(s)”), through which we offer various services, features and content to you (collectively “Service“).
We are committed to protecting your privacy and understand that users of the Site, App(s) and Service are concerned about their privacy and the confidentiality and security of any personal data that is provided.
This Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us, to which you have indicated your acceptance.
1.2 Contact Information
Online support form: Click here (https://jaiota.com/contact/)
Telephone: +65 31051385
Privacy Issues Email: [email protected].
Representation for data subjects in the EU or in the UK:
We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact.
Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/13495214
2. Nature of Personal Data
Whenever you visit our Site, our servers automatically record information for statistical purposes about your usage of the Site such as:
- the type of browser used;
- the referring URL;
- the IP address;
- the number and type of pages viewed;
- the date and time of visits; and
- the exit URL.
This information we collect about you is not personal data and, in any event, remains anonymous. We do not link the anonymous information to any other personal data unless you have either registered as an account user or logged on as an account user at the time of use. Accordingly, if you have not identified yourself on the Site, such as by registering as an account user or logging on as an account user, we will not link a record of your usage of our Site to you personally.
We ask you for certain personal data to provide you with the products or services that you request from us. This may include for example when you make a purchase through our Site, create an account through our Site and/or App(s) our otherwise initiate contact with us for any reason. The nature of the personal data that we collect includes:
- your contact details (full name, email, telephone number and delivery and billing address);
- the name of your employer or place of business;
- login and account information, including password (when you create an account on the Site and/or App);
- personal details including gender, hometown, date of birth and purchase history (however these are only collected incidentally as a result of collecting your name, billing and delivery details);
- banking information (and in particular credit card details); and
- images such as personal photo and company logos.
3. Cookies and other tracking technologies
3.1 Cookies and tracking technologies
Our Site may use Google Analytics, a service which transmits Site traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand Site traffic and web page usage.
You can customise or opt out of Google Analytics for display advertising using the Ads Settings for your Google account.
- Google Marketing Platform integrations;
- Demographic and Interest Reporting;
- Display Advertising including Remarketing and Google Display Network Impression Reporting to advertise our services online;
- Optimizing and personalizing ad services based on your past visits to our Site; and
- Reporting the use of ad services and interactions with ad impressions and how they are related to visits to our Site.
Cookies and other tracking technologies may also be used to support analytics by other third parties.
3.2 Third party interactions
We may allow third parties, including authorized service providers, advertising companies, data management platforms, and ad networks to serve advertisements on our Site.
These companies may use tracking technologies (such as cookies, pixel tags, web beacons, device IDs, or advertising IDs) to collect information about users who view or interact with their advertisements. Any information that these third parties collect via cookies is completely anonymous and is non-identifiable.
You may refuse the use of third-party data collection by selecting the appropriate settings on your browser.
4. Purposes of collecting, holding, using and disclosing Personal Data
4.1 Collect from you only
Where it is reasonable or practical to do so we will only collect personal data about you from you directly.
If you voluntarily disclose another person’s personal data to us (for e.g. by sending emails or email invitations to others through the App(s)), you warrant that you have obtained his/her consent to such disclosure and use of their personal data.
4.2 Purposes of collecting Personal Data
We will only collect your personal data that is reasonably necessary for:
- enabling us to create a registered account for you on our Site and/or App;
- verifying your identity;
- us to provide you with our products and services that you have requested;
- responding to your queries and enquires;
- our internal research and statistical purposes (including market segmentation and customer value analysis);
- enabling us to forward to you other information or material which we believe may be of interest to you including our newsletters, and marketing and promotional information where you have consented to be on our mailing list and/or to receive such information or material;
- processing payment or credit transactions including enabling a payment processor to process payments that you make to us;
- any purpose(s) for which you have provided your personal information; and/or
- any other purpose specified in our terms and conditions or policies available on our Site (including our Terms of Sale and Terms of Service).
(the “Primary Purpose“).
We do not sell personal data to any third parties or provide personal data to third parties for any business purpose (unless that business purpose has been specifically referred to in this Policy).
4.3 Use and disclosure of Personal Data
We will only use or disclose personal data about you for a purpose other than the Primary Purpose (being a “Secondary Purpose“) where the following apply:
- the Secondary Purpose is related to the Primary Purpose;
- you would reasonably expect us to use or disclose the personal data for the Secondary Purpose;
- you have consented to the use or disclosure for the Secondary Purpose;
- the use or disclosure of the personal data is required in order for us to defend or prosecute any legal claim or dispute; and/or
- the use or disclosure of the personal data is required or authorised under law, regulation or court order.
You may withdraw your consent to our use of your personal data for the Primary and Secondary Purposes at any time by contacting us using the contact information contained in this Policy. However, this may affect or limit your ability to purchase products through our Site and access our services, and we may not be in a position to continue providing our products and services to you.
Please note that withdrawing your consent does not affect our right to continue to collect, use and disclose your personal data where such collection, use and disclosure without your consent is permitted or required under applicable laws.
We may disclose your personal information to third party service providers, agents and other organisations we have engaged to perform any of the functions listed in Sections 4.2 and 4.3 above for us, including the third parties mentioned in Section 4.5.
4.4 Holding of Personal Data
We will take reasonable steps to protect personal data that we hold from:
- misuse, interference and loss; and
- unauthorized access, modification or disclosure.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. In the unlikely event that there is a serious data breach that is likely to result in a risk to your rights and freedoms, we will without undue delay notify the appropriate supervisory authority in your jurisdiction. Where there is a high risk that a serious data breach will impact upon your rights and freedoms, we will also notify you of that breach.
4.5 Overseas disclosures
In order to provide customer support, process your payments, perform back office functions, deliver products to you, perform fraud prevention tasks, or provide our products and services to you we may need to allow our staff or third party service providers (who may be located or whose servers and resources may be located in a location other than your country of residence) access to your personal data and, in particular, your name, contact information, delivery address and payments and billing information.
We have implemented security measures to protect the security of your personal data. However, as with any transfer of data, there are still risks of data breaches. There may be instances where your personal data is transferred to third party countries and international organisations that have different privacy requirements and legislation to that of your jurisdiction. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal data.
Such transfers are necessary for us to perform our obligations and provide our products and services to you and include the following:
Identity management. We use a third party service provider, Okta, Inc to securely store all your account login and password information (including your full user profile, name, username and email). Your personal data may be stored and processed by Okta in various locations worldwide. Okta has obtained APEC Privacy Recognition for Processors certification. For information on how Okta handles your personal data please refer to https://www.okta.com/trustandcompliance.
Payment processing. We use third party payment processors and payment gateway service providers including Stripe, Paypal and Square to process payment transactions. We do not store any credit card information ourselves. Your personal data (including your contact information, name on the card(s), card number(s), expiry date(s), CVV2(s) and billing address(es)) may be stored and processed by these service providers in various locations worldwide, and handled as described in their respective privacy policies:
Communications. We use third service providers including Mailgun and Twilio to help us manage a database of our users’ email contacts, phone contacts and/or any other contact information, and to communicate with users via email, mobile push notifications, web push notifications, and in-app messaging (including to send you emails and text messages, generate automated responses and/or notifications, send reminders and alerts relating to the Service, send you our newsletters, updates and/or publications where you have consented to be on our mailing list). Your personal data (including your name, email and phone number) may be stored or processed by these service providers in various locations worldwide outside Singapore, and handled as described in their respective privacy policies:
For data subjects in Singapore: To the extent that we may need to transfer your personal data outside of Singapore, we shall do so in accordance with the Personal Data Protection Act 2012 (“PDPA“) to ensure that we provide a standard of protection to personal data so transferred that is comparable to the protection under the PDPA, including by ensuring that the recipient is either in a jurisdiction which has comparable data protection laws, or is contractually bound to protect your personal data.
In all other circumstances we will only disclose personal data to an overseas recipient if the disclosure of the information is required or authorized by law, regulation or court order.
4.6 Unsolicited information
5. Destruction of Personal Data
We will keep your personal data only for as long as we need it for legitimate business purposes, legal purposes and as required or permitted by applicable law. Typically, our legitimate business purposes do not require us to retain your personal data for more than 30 days following the deactivation of the user account you have created to access our App or Site. For instance, we may preserve your account (and retain all information therein) for thirty (30) days after termination by you and a reasonable period thereafter, to allow you the option (at our discretion) to reinstate your terminated account, as mentioned in our Terms of Service.
However, we may retain your personal data for longer periods for legal purposes, or if otherwise required or permitted by applicable laws. We will take reasonable steps to erase any personal data (or remove the means by which personal data can be associated with you) that we hold about you where:
- we no longer need the personal data for the purposes for which it was collected, or legal or business purposes and we are not otherwise entitled to retain such data; and
- we are not required or obligated by law, regulation or court order to retain the information.
6. Access, correction and portability
6.1 Access to Personal Data
We will provide you with access upon request to the personal data held by us in relation to you except to the extent that:
- giving access would be unlawful; or
- denying access is required or authorized by or under a relevant law, regulation or court order.
Following your request, we will contact you within thirty (30) days from the date of receipt of your request and provide you with the personal data requested, or inform you in writing of the time by which we will be able to respond to your request (subject to applicable laws) unless we have determined that some reason or obligation exists requiring us to withhold access to the personal data.
If we are unable to provide you with access to your personal data, we will generally inform you of the reasons why we are unable to do so (except where we are not permitted or required to do so under applicable laws).
6.2 Data portability
Insofar as it does not adversely affect the rights and freedoms of others and where you have communicated a request to us:
- where we have employed an automated means to process your personal data, we will provide you with a copy of such personal data in a structured, commonly used and machine-readable format; and
- after receiving your request, where technically feasible, we will transmit your personal data directly to another data holder.
6.3 Commercially sensitive information
Where providing you access to your personal data would reveal commercially sensitive information, we are unable to give you access to that information. However, we will provide you with the reasoning behind our determination.
6.4 Use of intermediaries
Where we cannot directly provide you with access to your personal data we may, if it is reasonable, engage the services of an intermediary to do so.
6.5 Correction and erasure of Personal Data
It is your responsibility to ensure that the information you provide to us is accurate and to update your personal data as necessary. If for any reason you are unable to correct any personal data held by us, please contact us using the contact information contained in this Policy.
If after receiving your request we choose not to correct your information, we will notify you within thirty (30) days of the reason for our refusal and (if required by applicable law) the mechanisms available to you to object to our refusal.
6.6 Refusal to correct or erase
If at any time we refuse or deny you access to your personal data, or refuse to correct or erase your personal data, we will provide you with reasons for such denial or refusal (except where we are not permitted or required to do so under applicable laws).
6.7 Restriction of processing
You may request that we limit or restrict the manner in which we deal with and process your personal data, in which case we will only process your personal data:
- with your consent or deemed consent;
- for the establishment, exercise or defence of legal claims against us;
- for the protection of the rights of another person; or
- where we are otherwise permitted or required by law to do so without your consent.
Access to, erasure and rectification of your personal data, including any communications related thereto, will generally be provided free of charge.
However, where you request for the provision of your personal information in documentary form, we may charge you a reasonable fee for providing the same (if applicable law permits).
Where your requests are manifestly unfounded or excessive in nature (particularly due to repetitiveness) we may also charge you a reasonable fee for providing the information or communication, or taking the action requested. Where your requests are manifestly unfounded or excessive in nature we may also refuse your request.
6.9 Specific objection rights
If it becomes necessary for us to process your personal data without your consent for reasons of:
- performing a task in the public interest;
- the exercise of an official authority that has been vested in us; or
- where it is in our legitimate interests or the legitimate interests of a third party to do so;
you will have the right to object to such use if applicable laws so provides but not otherwise.
Where you exercise such right and object to our use of your personal data we will refrain from using your personal data unless compelling legitimate grounds exist for us to use that personal data, or for the establishment, exercise or defence of legal claims or where applicable laws permit or require us to use your personal data without your consent.
7.1 Making a complaint
You also have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction. If you are unsure who your relevant supervisory authority may be, please contact us so that we may provide you with assistance.
7.2 Our response
Upon receipt of your request, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed. In general, we shall seek to process and effect your request within thirty (30) days of receiving it.
We will also, generally within 30 days of receipt of your complaint, notify you in writing as to what action we propose to take in relation to your complaint and (if applicable law requires) will provide you with details of what further action you can take if you are not satisfied with our response.
We reserve the right to vary this Policy from time to time without prior notice to you. Any variations made will be updated on our Site. It is your responsibility to check our Policy periodically to ensure you are aware of any changes made to it.
Your continued use of our Site, App and/or products and services constitutes your acknowledgement and acceptance of such changes.