This policy sets out:
- (A) the information we collect about you when you visit our website, use our products or services, or otherwise interact with us;
- (B) how we use, share, store, and secure the information; and
- (C) how you may access and control the information.
In this policy, “Detrack” or “we” refers to Detrack Systems Pte. Ltd. of 61 Kaki Bukit Avenue 1, #04-34 Shun Li Industrial Park, Singapore 417943, Singapore and “Platform” means our website at https://www.detrack.com and our software, namely Detrack.
In this policy, “personal information” refers to any data, information, or combination of data and information that is provided by you to us, or through your use of our products or services, that relates to an identifiable individual.
Detrack is a B2B cloud service offering. If you are a customer of a Detrack’s user, please direct your enquiries to them. The withdrawal, access and correction of personal data listed below is only applicable if Detrack collects your personal data.
1 What information we collect about you
1.1 We collect the following types of information about you:
- (a) account and profile information that you provide when you register for an account or sign up for our products or services, for example your first name, last name, email address, physical address (billing or delivery or both), telephone number(s) (collectively, “Account Data”);
- (b) information you provide through support channels, for example when you report a problem to us or interact with our support team, including any contact information, documentation, or screenshots (collectively, “Support Data”);
- (c) the content you provide through the use of our products or services, for example notes, instructions, status descriptions, contact information (collectively, “User Content”);
- (d) communication, marketing, and other preferences that you set when you set up your account or profile, or when you participate in a survey or a questionnaire that we send you (collectively, “Preference Data”);
- (e) details of any transactions, purchases, or orders that you’ve made with us (collectively, “Transaction Data”);
- (f) payment information, for example your payment card information or PayPal email ID (collectively, “Financial Data”);
- (g) information about your device or connection, for example your internet protocol (IP) address, log-in data, browser type and version, time-zone setting, browser plug-in types and versions, operating system and platform, GPS location, and other technology on the devices you use to access our products or services and information we collect through cookies and other data collection technologies (please read our Cookies Policy for details) (collectively, “Technical Data”); and
- (h) Information about your use of or visit to our Platform, for example your clickstream to, through, and from our Platform, products you viewed, used, or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), or methods to browse away from the page (collectively, “Usage Data”).
1.2 We collect the above information when you provide it to us or when you use or visit our Platform. We may also receive information about you from other sources, including:
- (a) other users of our products or services, for example reviews of goods / services posted by recipients;
1.3 We do not collect sensitive data or special category data about you. This includes details about your race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, or sexual orientation.
2 How we use the information we collect
2.1 We only use your personal information where the law allows us to. We use your personal information only where:
- (a) we need to perform the contract we have entered into (or are about to enter into) with you, including to operate our products or services, to provide customer support and personalized features, and to protect the safety and security of our Platform;
- (b) it satisfies a legitimate interest which is not overridden by your fundamental rights or data protection interests, for example for research and development, and in order to protect our legal rights and interests
- (c) we have direct marketing materials that is relevant or related to the use of our product, which can be opted out at any time through an unsubscribe link
- (d) you’ve given us consent to do so for a specific purpose, for example we may publish your information as part of our testimonials or customer stories to promote our products or services with your permission; or
- (e) we need to comply with a legal or regulatory obligation.
2.2 If you have given us consent to use your personal information for a specific purpose, you have the right to withdraw your consent any time by contacting us (please refer to Section 14 for contact information), but please note this will not affect any use of your information that has already taken place.
2.3 We do not share your personal information with any company outside our group for marketing purposes unless with your express specific consent to do so.
2.4 For visitors to or users of our Platform who are located in the European Union, we have set out our legal bases for processing your information in the Legal Bases Table at the end of this policy.
3 How we share information we collect
3.1 We share information with third parties that help us operate, provide, support, improve, and market our products and services, for example third-party service providers who provide website and application development, data storage and backup, infrastructure, billing, payment processing, customer support, business analytics, and other services.
3.2 Third-party service providers have access to your personal information only for the purpose of performing their services and in compliance with applicable laws and regulations. We require these third-party service providers to maintain confidentiality and security of all personal information that they process on our behalf and to implement and maintain reasonable security measures to protect the confidentiality, integrity, and availability of your personal information.
3.3 We take reasonable steps to confirm that all third-party service providers that we engage process personal information in the manner that provides at least the same level of protection as is provided under this policy. Where any third-party provider is unable to satisfy our requirements, we will require them to notify us immediately and we will take reasonable steps to prevent or stop non-compliant processing.
3.4 We may share personal information on aggregated or de-identified basis with third parties for research and analysis, profiling, and similar purposes to help us improve our products and services.
3.5 If you use any third-party software in connection with our products or services, for example any third-party software that our Platform integrates with, you might give the third-party software provider access to your account and information. Policies and procedures of third-party software providers are not controlled by us, and this policy does not cover how your information is collected or used by third-party software providers. We encourage you to review the privacy policies of third-party software providers before you use the third-party software.
3.6 Our Platform may contain links to third-party websites over which we have no control. If you follow a link to any of these websites or submit information to them, your information will be governed by their policies. We encourage you to review the privacy policies of third-party websites before you submit information to them.
3.7 We may share your information with government and law enforcement officials to comply with applicable laws or regulations, for example when we respond to claims, legal processes, law enforcement, or national security requests.
3.8 If we are acquired by a third party as a result of a merger, acquisition, or business transfer, your personal information may be disclosed and/or transferred to a third party in connection with such transaction. We will notify you if such a transaction takes place and inform you of any choices you may have regarding your information.
4 How we store and secure information we collect
4.1 We use data hosting service providers based in the US to host the information we collect.
4.2 We have adopted the following measures to protect the security and integrity of your personal information:
- (a) information is encrypted using TLS/SSL technology;
- (b) your account is password-protected, with the requirement(s) that passwords must be at least 8 characters long, with a combination of letters and numbers;
- (c) access to your personal information is restricted to personnel or service providers on a strictly need-to-know basis, who will only process your information on our instructions and who are subject to a duty of confidentiality; and
- (d) our information collection, storage, and processing practices are reviewed regularly.
4.3 We have put in place procedures to deal with any suspected privacy breach and will notify you and any applicable regulator of a breach where we are legally required to do so, no later than 72 hours after establishing that the data breach has happened.
4.4 While we implement safeguards designed to protect your information, please note that no transmission of information on the Internet is completely secure. We cannot guarantee that your information, during transmission through the Internet or while stored on our systems or processed by us, is absolutely safe and secure.
4.5 We only retain personal information for so long as it is reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. After such time, we will delete or anonymize your information, or if this is not possible, we will securely store your information and isolate it from further use. We periodically review the basis and appropriateness of our data retention policy.
5 How we transfer information internationally
5.1 We collect information globally and primarily store that information in US. We transfer, process, and store your information outside your country of residence where we or our service providers operate for the purpose of providing our products and services to you.
5.2 Some of the countries in which our companies or service providers are located may not have the privacy and data protection laws that are equivalent to those in your country of residence. When we share information with these companies or service providers, we make use of contractual clauses, corporate rules, and other appropriate mechanisms to safeguard the transfer of information.
6 Your rights
6.1 You have the right to:
- (a) be informed of what we do with your personal information;
- (b) request a copy of personal information we hold about you;
- (c) require us to correct any inaccuracy or error in any personal information we hold about you;
- (d) request erasure of your personal information (note, however, that we may not always be able to comply with your request of erasure for record keeping purposes, to complete transactions, or to comply with our legal obligations);
- (e) object to or restrict the processing by us of your personal information (including for marketing purposes);
- (f) request to receive some of your personal information in a structured, commonly used, and machine readable format, and request that we transfer such information to another party; and
- (g) withdraw your consent at any time where we are relying on consent to process your personal information (although this will not affect the lawfulness of any processing carried out before you withdraw your consent).
6.2 Our Platform enables you to update certain information about yourself, for example you may change your business information by updating your user profile or changing your user settings.
6.3 You may opt out of receiving marketing materials from us by using the unsubscribe link in our communications, by updating your preferences within your account on our Platform, or by contacting us. Please note, however, that even if you opt out from receiving marketing materials from us, you will continue to receive notifications or information from us that are necessary for the use of our products or services.
6.4 As a security measure, we may need specific information from you to help us confirm your identity when processing your privacy requests or when you exercise your rights.
6.5 Any request under Section 6.1 will normally be addressed free of charge. However, we may charge a reasonable administration fee if your request is clearly unfounded, repetitive, or excessive.
6.6 We will respond to all legitimate requests within one (1) month. Occasionally, it may take us longer than a month if your request is particularly complex or if you have made a number of requests.
7 Withdrawing your consent
7.1 The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
7.2 Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within one (1) month of receiving it.
7.3 Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our products or services to you or to process your job application (as the case may be). We shall, in such circumstances, notify you before completing the processing of your request (as outlined above). Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in Section 7.1 above.
7.4 Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
8 Accessing to and correction of personal data
8.1 If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
8.2 Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
8.3 We will respond to your request as soon as reasonably possible. In general, our response will be within fifteen (15) days. Should we not be able to respond to your access request within one (1) month after receiving your access request, we will inform you in writing within one (1) month of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
8.4 Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal data that our organization has on record, if the record of your personal data forms a negligible part of the document.
9 Situations where we may collect personal data without consent
9.1 Detrack may collect personal data about you (an individual) without your consent or from a source other than the individual in any of the following circumstances:
- (a) the personal data is publicly available;
- (b) the collection is necessary in the national interest;
- (c) the collection is necessary for any investigation or proceedings, if it is reasonable to expect that seeking the consent of the individual would compromise the availability or the accuracy of the personal data; or
- (d) the collection is necessary for the provision of legal services by Detrack to another person or for Detrack to obtain legal services.
10 Situations where we may use personal data without consent
10.1 Detrack may use personal data about you (an individual) without your consent in any of the following circumstances:
- (a) the use is necessary to respond to an emergency that threatens the life, health or safety of the individual or another individual;
- (b) the personal data is publicly available;
- (c) the use is necessary in the national interest; or
- (d) the use is necessary for the provision of legal services by Detrack to another person or for Detrack to obtain legal services.
11 Situations we may disclose personal data without consent
11.1 Detrack may disclose personal data about you (an individual) without the consent in any of the following circumstances:
- (a) the disclosure is necessary to respond to an emergency that threatens the life, health or safety of the individual or another individual;
- (b) there are reasonable grounds to believe that the health or safety of the individual or another individual will be seriously affected and consent for the disclosure of the data cannot be obtained in a timely way;
- (c) the disclosure is necessary in the national interest;
- (d) the disclosure is necessary for the provision of legal services by Detrack to another person or for Detrack to obtain legal services; or
- (e) the personal data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorization signed by the head or director of that law enforcement agency or a person of a similar rank, certifying that the personal data is necessary for the purposes of the functions or duties of the officer.
12 Changes to this policy
12.1 We may amend this policy from time to time by posting the updated policy on our Platform. By continuing to use our Platform after the changes come into effect, you agree to be bound by the revised policy.
13 Policy towards children
13.1 Our products and services are not directed to individuals under 16. We do not knowingly collect personal information from individuals under 16. If we become aware that an individual under 16 has provided us with personal information, we will take steps to delete such information. Contact us if you believe that we have mistakenly or unintentionally collected information from an individual under 16.
14 Contact us
14.1 Please contact us at email@example.com or (+65) 6844 0509.
14.2 Or submit any written request to:
Detrack Systems Pte. Ltd.
61 Kaki Bukit Avenue 1, #04-34 Shun Li Industrial Park, Singapore 417943, Singapore
Attn: Data Protection Officer
14.3 Please contact us in the first instance if you have any questions or concerns. If you have unresolved concerns, you have the right to file a complaint with a data protection authority in the country where you live or work or where you feel your rights have been infringed.
15 COOKIES POLICY
We use both persistent cookies and session cookies. A persistent cookie stays in your browser and will be read by us when you return to our Site or a partner site that uses our services. Session cookies only last for as long as the session lasts (usually the current visit to a website or a browser session).
We use the following types of cookies:
- (a) Strictly necessary cookies – these are cookies that are required for the operation of our site. They include, for example, cookies that enable you to log into secure areas of our website.
- (b) Analytical/performance cookies – these allow us to recognize and count the number of visitors and to see how visitors move around our Site when they are using it. This helps us to improve the way our site works, for example, by ensuring that users are easily finding what they are looking for.
- (c) Functionality cookies – these are used to recognize you when you return to our site.
- (d) Targeting cookies – these cookies record your visit to our site, the pages you have visited, and the links you have followed.
You can block cookies by activating the setting on your browser that allows you to refuse the use of all or some cookies. However, if you do so, you may not be able to access all or parts of our site.
16 LEGAL BASES TABLE
|Processing purpose||Type of data processed||Legal basis|
|To register you as a user on our Platform||Account Data||To perform our contract with you|
|To enable you to use our products and services||Account Data, Transaction Data, Support Data, Technical Data [and User Content]||To perform our contract with you|
|To process your payments||Account Data, Transaction Data, Financial Data||To perform our contract with you|
|To collect overdue amounts||Account Data, Transaction Data, Financial Data||Legitimate interest to recover debts due to us|
|To notify you about changes to our products, services, or terms||Account Data||To perform our contract with you|
|To administer and maintain safety and security of our Platform||Technical Data||To perform our contract with you|
|To study usage of our products or services||Transaction Data, Support Data, Technical Data, Usage Data||Legitimate interest to improve our Platform, products, and services|
|To gather feedback on our products, services, or features||Account Data||Legitimate interest to improve our Platform, products, and services|
|To provide information on products or services that may be of interest to you||Account Data, Preference Data||Consent, which you may withdraw any time|
Last reviewed: Nov 19, 2020