Privacy Policy
Overview
The following privacy policy (the "Policy") describes how Sedia Design Pte. Ltd. (hereinafter referred to as the "Company", “we”, “us” or “our” in this Policy) collects, uses and discloses your personal data in the course of your use of the Spotlight platform (accessible at https://spotlight.soy/ or such other URL as may be specified by us from time to time) (the “Website”) and the services provided on the Website (the "Services").
This Policy is incorporated by reference into the Terms of Use. By accessing our Website, providing us with your personal data or accessing or using any of the Services made available on or provided through our Website, you agree and consent to all the terms and conditions of this Policy (as amended, modified or supplemented from time to time). If you do not accept and agree to any of the provisions in this Policy, you should refrain from entering into our Website or accessing or using any of the Services of our Website.
Please note that this Policy does not apply to, and we are not responsible for, the privacy practices of third party websites which may be linked to or accessible through our Website. You are advised to read the privacy policies of the respective third party websites you visit. If you have any questions regarding this Policy, please contact our Data Protection Officer at the contact details provided in paragraph 11 below.
1. Personal Data
The term "personal data" refers to data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which the Company has or is likely to have access. Such personal data may include but is not limited to your name, date of birth, address, telephone number, e-mail address, bank account number, credit card number, driver's license number, account username and password, transaction records, search preferences, purchase history, location data, as well as data related to your appearance, fingerprints and voice prints.
2. Method of Collection and Processing Personal Data
The Company may collect and process your personal data when you:
- create or register for an account on our Website;
- access or use our Website and/or any Services made available on or provided through our Website;
- contact us with queries or respond to our communications;
- request to be included in an email or other mailing list;
- respond to or participate in any promotions, marketing campaigns or other initiatives; and
- submit your personal data to us for any other reason, for example where required to effect a transaction.
In addition, we may also collect information about you that is publicly available or from affiliated parties, third parties and/or regulatory authorities.
You acknowledge that you will provide us with the information as requested to create or register an account on our Website, to complete any payments required to be made and for us to reach out to you. You can always refuse to provide your personal data. However, this may prevent us from providing you with our Services.
3. Purpose of Collection and Use of Personal Data
The Company may collect, use and disclose your personal data for any or all of the following purposes set out below. For the avoidance of doubt, we will only process your personal data to the extent necessary for the specific purpose. Such purposes include:
- to provide the Services and operate the Website and improve the Services and the Website;
- to ensure proper administration of our business which includes keeping proper records, responding to inquiries or requests, resolving complaints and managing our business relationships and opportunities;
- to send advertisements, marketing communications and other promotional materials such as e-mails with information on new features, updates, campaigns, and other services provided by the Company;
- to contact you as necessary including for maintenance of your account, providing user support, communicating with you about our Services and about your engagement with us, informing you about important changes in our terms, sending you relevant notices, etc.;
- to prevent, detect, identify and investigate fraud, suspicious activity linked to your account, any illegal, unauthorised or improper activities, or any violation of our Terms of Use, and to stop such illegal, unauthorised or improper activities;
- to allow users to view or edit their account information, and to view their usage status;
- to facilitate payments for paid Services;
- to establish, exercise or defend legal claims in suspected or actual legal proceedings in any jurisdiction;
- to comply with any applicable laws, regulations, codes of practice, guidelines or rules, or assist in investigations conducted by any law enforcement, governmental and/or regulatory authority or public body;
- to analyse and track data to determine the effectiveness of our content and to understand the activity of our users; and
- for any purposes in connection with or incidental to the above purposes of collection, processing and use.
The Company may change the purpose(s) for which your personal data is collected, used or disclosed when it is reasonably appropriate in the circumstances and, unless otherwise exempted under the Personal Data Protection Act 2012 of Singapore (“PDPA”) (as amended, supplemented or modified from time to time), you will be notified by the Company of any such changes via an announcement on the Website.
4. Disclosure of Personal Data to Third Parties
Subject to applicable laws, we may disclose your personal data for the above-stated purposes, to the following parties:
- third-party service providers, partners, merchants, agents and advertisers (hereinafter referred to as “Business Partners”) acting on our behalf and that provide services such as [data analytics, marketing, advertising, payment services and information technology assistance], or with whom we may collaborate (including to jointly run promotions, contests, surveys, privileges, gift cards, marketing programmes and other initiatives);
- our affiliates, parent company, subsidiaries and/or participating shops;
- our directors, officers, employees, representatives, agents or delegates to whom disclosure is necessary for business purposes;
- our professional advisors, such as lawyers, auditors and consultants;
- our professional indemnity insurers;
- regulatory authorities, as required by applicable laws, for the purposes of including, but not limited to, responding to any governmental or regulatory authority request, cooperating with law enforcement investigations and mutual assistance, or upon receipt of any court order; and
- prospective or actual buyers or sellers in the event of a merger, acquisition or other reorganization or sale of disposition of all or any portion of our business and/or assets.
Subject to applicable laws, the Company may also disclose your personal data to third parties without your prior consent in certain situations, including but not limited to the following:
- when consent for the disclosure cannot be obtained in a timely way and there are reasonable grounds to believe that your health or safety or that of another individual will be seriously affected;
- when the disclosure of personal data is necessary to respond to an emergency that threatens your life, health or safety or that of another individual;
- when the disclosure of personal data is in the national interest;
- when the disclosure of personal data is made to a public agency and such disclosure is necessary in the public interest; and
- when the disclosure of personal data is necessary for any investigation or proceedings.
5. Transfer of Personal Data outside Singapor
The Company may share your personal data with recipients based outside of Singapore if necessary for the purposes stated in this Policy. When we do send personal data abroad, we have in place adequate safeguards in compliance with the requirements under the PDPA. This includes ensuring that the recipient is bound by legally enforceable obligations to provide the transferred personal data a comparable standard of protection as that under the PDPA.
6. Retention of Personal Data
The Company will store your personal data in accordance with applicable laws and only for as long as needed to carry out the purposes described in this Policy.
7. Protection of Personal Data
We will ensure that the personal data that we hold about you is subject to appropriate security measures. We adopt stringent data collection, storage and processing practices and employ security measures such as [antivirus protection, encryption technology and firewalls] in order to protect against loss or unauthorised access, collection, use, disclosure, copying, alteration, modification, disposal, hacking, destruction and similar risks to your personal data (including your transaction information and such other data in connection with your account with us).
When we appoint third-party data processors, we will ensure that they guarantee that they will also apply these security policies and measures when processing your personal data.
However, neither the computer security system nor the Internet is entirely secure. As a result, we do not assume responsibility for the information you submit to or receive from us or for any unauthorised access or use of that information, and we cannot and do not guarantee the security of any information transmitted by you to us or vice versa. You agree not to hold us and the respective Business Partners liable for any loss or damage incurred as a result of any misappropriation, interception, modification, deletion, destruction or use of your personal data held by us. In the event of a data breach, we will notify you as soon as practicable as required by law.
8. Your Rights
In certain circumstances, you may exercise the rights available to you under the PDPA as follows:
-
Right to access personal data. You have the right to access your personal data by requesting for a copy of your personal data in our possession or under our control and for information about how your personal data has been used or disclosed within 12 months before the date of your request (“Access”).
Subject to applicable laws, the Company will grant your Access request as soon as reasonably possible. Under the PDPA, the Company is not required to grant your Access request (in whole or in part) under certain circumstances, including but not limited to where the provision of such personal data could reasonably be expected to:
- threaten the safety or physical or mental health of an individual other than the individual who made the request;
- cause immediate or grave harm to the safety or to the physical or mental health of the individual who made the request;
- reveal personal data about another individual;
- reveal the identity of an individual who has provided personal data about another individual and the individual providing the personal data does not consent to the disclosure of his identity;
- be contrary to the national interest;
- reveal confidential commercial information that could reasonably harm the competitive position of the Company; or
- unreasonably interfere with the operations of the Company.
If the Company does not accede to your Access request on valid grounds, it will notify you that your Access request has been denied. A fee may be charged by the Company for the costs involved in responding to your Access request.
-
Right to correct or update personal data. If your personal data in the possession of or under the control of the Company is incorrect, you may request the Company to correct or update your personal data (hereinafter referred to as "Correction") by updating your account information or submitting a request to the Company at the contact details provided in paragraph 11 below. We will respond to your request as soon as practicable.
Please note that if the Company is satisfied on reasonable grounds that the Correction should not be made, it may not make the requested Correction.
-
Right to withdraw your consent. The collection and processing of your personal data is necessary for the use of the Website and our provision of the Services to you. You may, however, opt out of the collection and use of your personal data for other purposes, such as receiving marketing materials or seeking feedback and comments on our content and the Services. You can choose to opt out from the collection and use of your personal data for such other purposes by sending us an email at: [•]. We will respond to your request as soon as reasonably possible.
Please note that withdrawing your consent for certain purposes may prevent us from continuing to provide you with our Services and/or performing any contracts we may have with you, and this may also result in the termination of any contract you may have with us and your being in breach of your contractual obligations or undertakings, and our legal rights and remedies in such event are expressly reserved.
Please note that withdrawing your consent for any purpose stated above does not affect our right to continue to collect, use and/or disclose personal data where consent is not required for such collection, usage and/or disclosure under applicable laws.
You may exercise your rights at any time by sending us a request using the contact details below. All such requests received will be handled in accordance with applicable data protection laws. We may ask you to provide proof of identity before we can respond to your request. In some situations, we may reject your request for Access or Correction where permitted under the law (for example, if an Access request is frivolous or vexatious). If your request has been rejected by the Company, we will notify you of this as soon as practicable.
9. Cookies
This Website uses “Cookies” to enhance user experience. “Cookies” are files that a mobile app, site or its service provider transfers to your mobile device or computer’s hard drive which enables the mobile app’s, the site’s or the service provider’s systems to recognize your device or browser and capture and remember certain information. You may opt to disable “Cookies”. However, switching off “Cookies” may restrict your enjoyment of certain Services.
10. Changes to the Policy
We reserve the right to change the contents of this Policy from time to time. If we make any changes, the updated Policy will be posted on the Website with a revised effective date.
11. Contact details
If you have any questions regarding this Policy or your personal data held by us, please contact our Data Protection Officer by any of the following means, indicating your contact information and details of your query or request (for example, Correction of Personal Data Request, or Personal Data Access Request):
-
Writing to:
Data Protection Officer
Sedia Design Pte. Ltd.
105 Cecil Street
#24-02, The Octagon
Singapore 069534
- Completing this form: お問い合わせ