2. From time to time, Shepha Advisory may collect Personal Data from (a) users, (b) third parties, including user’s beneficial owners, partners, directors, officers or authorised signatories, employees, customers, payors, payees, guarantors, other security providers and other natural persons related to that user (the “Relevant Individuals”) and/or (c) publicly available sources including credit bureaus, Personal Data about users, Relevant Individuals and related parties in connection with the access and use of the Website, Platform or any of the Services to provide more personalised service for our users. This may include:
2.2. Collection of information in relation to the devices (including device operating system, hardware version, settings, file and software names and types and device identifiers, device location, connection information such as the name of the ISP or mobile operator through which the Platform is accessed, browser type and IP address) which are used to access the Website or the Platform.
3. Should you provide Shepha Advisory any Personal Data of yourself or others:
(a) You represent and warrant to Shepha Advisory that (i) each individual (including yourself) whose Personal Data has been provided to us, has been notified of the purposes for which data will be collected, processed, used or disclosed; and (ii) such individual’s consent for the collection, processing, use and disclosure of such Personal Data by Shepha Advisory has been obtained and authorised by such individual.
(b) You shall notify us immediately upon becoming aware of any withdrawal by any individual of his/her consent to the collection, processing, use and/or disclosure by Shepha Advisory of his/her Personal Data provided to Shepha Advisory. The withdrawal of such consent may affect the services which Shepha Advisory is able to provide to you, such individual and/or the corporate you represent (including possible termination of your contractual relationship with us, subject to termination provisions relating to registered users and may be deemed a breach of your representation and undertakings to us).
(c) You shall ensure at all times that any information provided (including any Personal Data) to us is correct, accurate and complete, and that any consent given in relation to Personal Data shall, subject to all applicable laws and regulations, survive death, incapacity, bankruptcy or insolvency of any such individual and the termination or expiration of any account in connection with the use of the Platform.
4. Personal Data submitted or collected by Shepha Advisory may be used by Shepha Advisory for any of its business purposes, including (the “Purposes”):
(a) To operate, administer any account and to provide Services to any user through the Platform including, but not limited to, maintaining accurate “know your customer” information, to verify the identities or authorities of users and/or their representatives who contact Shepha Advisory or may be contacted by Shepha Advisory, to carry out or respond to requests, questions or instructions from users and/or their representatives, and to perform risk modelling or analysis;
(b) To facilitate transactions on the Platform or in connection with the Services (including for any third party and other Services related matters);
(d) To verify the identity or authority of users and/or representatives of users and/or to pursuant to current Shepha Advisory security procedures or internal procedures;
(e) In the assessment and evaluation of viability, credibility, suitability, eligibility and identity of users in connection with the Platform, the Services, and/or any other documents entered into or agreed to by such Registered Users;
(f) To carry out, monitor and analyse Shepha Advisory’ business;
(g) For the marketing, promoting or advertisement of products and services (including any co-branded products or services) which we think you may be interested in;
(h) As part of, or in connection with, any sale, merger, or similar change of Shepha Advisory’ business;
(i) For customer feedback and complaints or legal purposes in enforcing Shepha Advisory’ rights, drafting and reviewing of documents, procuring legal advice and dispute resolution;
(j) To comply with any applicable laws, rules, or regulations in any country;
(k) To detect, prevent and investigate fraud, crime, offences, money-laundering, counter-terrorist financing and bribery; and
(l) Purposes reasonably related to the aforesaid.
5. Shepha Advisory may retain Personal Data for so long as one or more of the purpose for which it was collected remains valid, where required by regulation or law (national or international), or as required by its own record retention policies or own business purposes.
6. Shepha Advisory may from time to time also disclose Personal Data for any of the Purposes to Shepha Advisory’ shareholders, directors, officers, and employees and the following parties (whether inside or outside of Singapore):
(a) Any agent, contractor, or third party service provider who provides banking, remittance, administrative, mailing, telecommunications, call centres, business process, travel, visa, knowledge management, human resource, data processing, information technology, computer, payment, debt collection, credit reference checks or securities clearing or risk modelling or analysis or other services to Shepha Advisory in connection with the business operations of Shepha Advisory and/or the Website, Platform or any of the Services;
(b) Any person or entity employed by or on behalf of Shepha Advisory or is a part of or related to any group of companies of which Shepha Advisory forms part or is affiliated to;
(c) Any person or entity to whom Shepha Advisory is under an obligation or otherwise required to make disclosure pursuant to any applicable laws and regulations, including disclosure to courts, tribunals, and/or legal, regulatory, tax and government authorities and stock exchanges;
(d) Any party giving or proposing to give a guarantee or third party security to guarantee or secure the obligations of any user;
(e) Any party for purposes of conducting checks with the Do Not Call Registry;
(f) Any party for purposes of meeting or complying with Shepha Advisory’ internal policies and procedures and any applicable rules, laws, regulations, codes of practice or guidelines, orders or requests issued by any court, legal or regulatory bodies (both national and international) (including but not limited to disclosures to regulatory bodies, conducting audit checks or any investigations);
(g) Any actual or proposed assignee of Shepha Advisory or transferee of Shepha Advisory’ rights in respect of all or any part of the assets or business of Shepha Advisory; and
(h) Any credit bureau (including without limitation Credit Bureau (Singapore) Pte Ltd) as well as the members of such credit bureau and other relevant third parties in connection with the use of the Platform (e.g. banks, financial intermediaries, insurers, reinsurers, escrow agents and other P2P platforms).
7. Without prejudice to the foregoing, Shepha Advisory may disclose Personal Data to any person or entity to whom Shepha Advisory is under an obligation or otherwise required to make disclosure pursuant to any applicable laws and regulations, including disclosure to courts, tribunals, and/or legal, regulatory, tax and government authorities in Singapore or otherwise.
8. You may access or make corrections to any of your Personal Data held by Shepha Advisory. To do so, please contact us (at firstname.lastname@example.org). Shepha Advisory reserves the right to charge such fees as it may, in its sole and absolute discretion, deem appropriate for the grant of such access and to correct any Personal Data.
9. Shepha Advisory may from time to time send you and/or the Relevant Individuals email messages or short message service (“SMS”) to mobile phones based on Personal Data provided to us. We do not guarantee that these messages will be completely secure. Under no circumstance will Shepha Advisory be liable for any damages incurred or sustained by you or the Relevant Individuals in connection with or arising from any such messages transmitted by Shepha Advisory or to Shepha Advisory.
10. You acknowledge and accept that the inherent nature of the internet and/or telecommunications services is such that transmissions may be subject to interruption, interception, hacking, fluctuation, inaccuracy, defect, corruption, loss, connection error, transmission blackout, delayed or failed transmission and/or incorrect, garbled or incomplete data transmission. Shepha Advisory will not be liable for breakdown, interruption, failure, closure or malfunctions in communications facilities not under its control that may affect the accuracy, authenticity or timeliness of messages and transactions that may be sent and does not warrant that any identified defect will be corrected.
This notice applies to you only if you are an EU Citizen/are located or residing in the EU. It explains how Shepha Advisory Private Limited (“SHEPHA ADVISORY”) collects, uses and discloses your personal data, and your rights in relation to the personal data it holds.
Shepha Advisory (in this Privacy Notice, “us”, “we” and “our”) is the data controller of your personal data and is committed to complying with the EU General Data Protection Regulation 2016/679 (the “GDPR”) and any locally Singapore applicable data protection laws.
Our Privacy and Data Compliance Officer is contactable by email at email@example.com
Under the GDPR you have the following rights:
- To obtain access to, and copies of, the personal data that we hold about you;
- To require that we cease processing your personal data if the processing is causing you damage or distress;
- To require us not to send you marketing communications;
- To require us to erase your personal data;
- To require us to restrict our data processing activities;
- To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller; and
- To require us to correct the personal data we hold about you if it is incorrect.
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
If you are located in Europe, to find out more about your rights please refer to the EU regulator in the place where you are located (in the EU). If you have any questions about how we use your personal data, or you wish to exercise any of the rights set out above, please contact firstname.lastname@example.org
How we collect your data
We collect your personal data in a number of ways, for example:
- From the information you provide to us when you meet us;
- From information about you provided to us by your company or an intermediary;
- When you communicate with us by telephone, fax, email or other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
- When you complete (or we complete on your behalf) client on-boarding or application or other forms;
- From your agents, advisers, intermediaries, and custodians of your assets;
- From publicly available sources or from third parties, most commonly where we need to conduct background checks about you.
The categories of personal data we collect
We may collect the following categories of personal data about you:
- Your name and contact information such as your home or business address, email address and telephone number;
- Biographical information which may confirm your identity including your date of birth, tax identification number and your passport number or national identity card details, country of domicile and/or your nationality;
- Information relating to your financial situation such as income, expenditure, assets and liabilities, sources of wealth, as well as your bank account details;
- Information about your knowledge and experience in the investment field;
- An understanding of your goals and objectives in procuring our services;
- Information about your employment, education, family or personal circumstances, and interests, where relevant; and
- Information to assess whether you may represent a politically exposed person or money laundering risk.
The basis for processing your personal data (other than with your consent), how we use that personal data and whom we share it with.
Performance of a contract with you
We process your personal data because it is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.
In this respect, we use your personal data for the following:
- To prepare a proposal for you regarding the services we offer;
- To provide you with the services as set out in subscription agreements or banking channels management agreements with you or as otherwise agreed with you from time to time;
- To deal with any complaints or feedback you may have;
- For any other purpose for which you provide us with your personal data.
In this respect, we may share your personal data with or transfer it to the following:
- Your agents, advisers, intermediaries, and custodians of your assets who you tell us about;
- Third parties whom we engage to assist in delivering the services to you;
- Our professional advisers where it is necessary for us to obtain their advice or assistance, including lawyers, accountants, IT or public relations advisers;
- Other third parties such as intermediaries who we introduce to you. We will wherever possible tell you who they are before we introduce you;
- Our data storage providers.
We may also process your personal data because it is necessary for our legitimate interests, or sometimes where it is necessary for the legitimate interests of another person.
In this respect, we use your personal data for the following:
- For marketing to you. In this respect, see the separate section on Marketing below;
- Training our staff or monitoring their performance;
- For the administration and management of our business, including recovering money you owe to us, and archiving or statistical analysis;
- Seeking advice on our rights and obligations, such as where we require our own legal advice;
In this respect we will share your personal data with the following:
- Our advisers or agents where it is necessary for us to obtain their advice or assistance;
- With third parties and their advisers where those third parties are acquiring, or considering acquiring, all or part of our business.
We may also process your personal data for our compliance with a legal obligation which we are under.
In this respect, we will use your personal data for the following:
- To meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws;
- As required by tax authorities or any competent court or legal authority.
In this respect, we will share your personal data with the following:
- Our advisers where it is necessary for us to obtain their advice or assistance;
- Our auditors where it is necessary as part of their auditing functions;
- With third parties who assist us in conducting background checks;
- With relevant regulators or law enforcement agencies where we are required to do so.
We will send you marketing about similar services we provide, as well as other information in the form of alerts, newsletters and invitations to events or functions which we believe might be of interest to you.
We will communicate this to you in a number of ways including by post, telephone, email, SMS, WHATSAPP or other digital channels.
If you object to receiving marketing from us at any time, please contact email@example.com
Transfer and processing of your personal data outside the European Union
When processing your personal data as set out in this Privacy Notice and based on our location in Singapore, it will have been transferred outside the European Union. However, if your personal data is originally collected from within the EU it will only be transferred on one of the following bases:
- the country that we send the personal data to is approved by the European Commission as providing an adequate level of protection for personal data; or
- you have explicitly consented to the same.
To find out more about international transfers by us of your personal data and the countries concerned, please contact firstname.lastname@example.org
Retention of your data
We will only retain your personal data for as long as we have a lawful reason to do so. In particular:
- where we have collected your personal data as required by anti-money laundering legislation, including for identification, screening and reporting, we will retain that personal data for five years after the termination of our relationship, unless we are required to retain this information by another law or for the purposes of court proceedings; or
- otherwise, we will in most cases retain your personal data for a period of seven years after the termination of our contractual or other relationship with you in case any claims arise out of the provision of our services to you.