Privacy Policy

  1. INTRODUCTION

1.1       We are Global DataBank (Singapore) Pte Ltd (UEN 201533450G)  (“GDB” or “we” or “our” or “us”). Protecting your privacy is our main priority. GDB aspires to build our services with a set of strong privacy principles in mind.

1.2       GDB provides a set of productivity and communication services through the GreyApp, GreyNet systems to users around the world (our “GreyApp Services”). GreyApp Services also includes any new service that we may provide in future, from time to time. While GDB provides secure end-to-end encryption of content that you may generate, upload, store or transmit through the GreyApp Services, your use of our GreApp Services may nevertheless involve the collection, use and/or disclosure of your Personal Data (as defined at Section 4 below). It is important for you to understand how this happens and how you may control it, so please read this Privacy Policy carefully.

1.3       By using our GreyApp Services, you understand and consent that GDB may collect, use and/or disclose your Personal Data in accordance with this Privacy Policy, as may be revised from time to time.

1.4       If you wish to contact us regarding this Privacy Policy or any privacy-related matters, please contact our Data Protection Officer via email at dpo@gdbg.com or via postal mail at No.3 Church Street #24-05/06 Samsung Hub, Singapore 049483 (attention: Data Protection Officer, Legal Department).

  1. SCOPE OF THIS PRIVACY POLICY

2.1       This Privacy Policy applies across all of our GreyApp Services. In addition, some of the GreyApp Services may have specific privacy guidelines applicable to their use. Such service-specific privacy guidelines are incorporated into and form part of this Privacy Policy. If any service-specific privacy guidelines are inconsistent with this Privacy Policy, the service-specific privacy guidelines in question will prevail to the extent of the inconsistency.

2.2       This Privacy Policy is incorporated by reference into and forms part of the GreyApp Terms of Service that you have agreed to in order to use our GreyApp and our GreyApp Services (the “Terms of Service”). Any terms used in this Privacy Policy will have the same meaning as the equivalent defined terms in the Terms of Service, unless otherwise defined in this Privacy Policy or the context requires otherwise.

2.3       Please also note that this Privacy Policy does not apply to Personal Data collected through third party services (including any third party websites) that you may access through our GreyApp Services.

  1. CHANGES TO THIS PRIVACY POLICY

3.1       As part of our efforts to ensure that we properly manage, protect and process your Personal Data, we will/may be reviewing our policies, procedures and processes from time to time.

3.2       We reserve the right to amend the terms of this Privacy Policy at our absolute discretion. Any amended Privacy Policy will be posted on our website and can be viewed at http://www.greyapp.com/privacy-policy.php.

3.3       By continuing to use our GreyApp Services after any changes to this Privacy Policy, you are deemed to agree to the revised Privacy Policy.

  1. THE INFORMATION WE COLLECT AND HOW WE COLLECT IT

4.1       In providing our GreyApp Services, in your dealings or interactions with us, when you browse our website, when you use our mobile app or our GreyApp Services, we will/may collect, store, use and/or disclose your Personal Data.

4.2       “Personal Data” means data, whether true or not, about an individual who can be identified (i) from that data; or (ii) from that data and other information to which the organisation has or is likely to have access. Personal Data we collect about you may include without limitation the following:

  • Personal Data that you make available to us when you open an account or subscribe to our GreyApp Services, such as your name, email address and credit card details; Please take note: we use tokenisation method from certified and trusted payment gateway partner to ensure no customer credit card information is exploited. Metadata that is automatically generated by our systems in the regular course of your use of our GreyApp Services;
  • Records of communications that you have made with GDB’s support staff;
  • Shared Information; and/or
  • Information about communications you have made using our GreyApp Services, such as the people you’ve communicated with and the time of your communications;

(“Shared Information” is information about you or relating to you that is voluntarily shared by you on our GreyApp Services, including feedback that you make on our GreyApp Services and information contained in communications that you send to other users)

  1. THE PURPOSES FOR WHICH WE COLLECT, USE OR DISCLOSE YOUR PERSONAL DATA
  • GDB will / may collect, use, disclose and/or process your Personal Data for one or more of the following purposes :
  • administering, facilitating, processing and/or dealing in any matters relating to your use of the GreyApp Services, our GreyApp mobile application and/or our website. This includes but is not limited to software verification or administering software upgrades;
  • providing our GreyApp Services to you;
  • monitoring, processing and/or tracking your use of the GreyApp Services, our GreyApp mobile application and/or our website in order to provide you with a seamless experience, facilitating or administering your use of the the GreyApp Services, our GreyApp mobile application and/or our website, and/or to assist us in improving your experience in using the GreyApp Services, our GreyApp mobile application and/or our website;
  • administering, facilitating, processing and/or dealing in any transactions or activities carried out by you in the GreyApp Services, our GreyApp mobile application and/or our website;
  • carrying out your instructions or responding to any enquiry given by (or purported to be given by) you or on your behalf;
  • contacting you or communicating with you via phone/voice call, text message and/or fax message, email and/or postal mail for the purposes of administering and/or managing your use of the GreyApp Services and/or our GreyApp mobile application. You acknowledge and agree that such communication by us could be by way of the mailing of correspondence, documents or notices to you, which could involve disclosure of certain personal data about you to bring about delivery of the same as well as on the external cover of envelopes/mail packages;
  • carrying out due diligence or other screening activities (including background checks) in accordance with legal or regulatory obligations applicable to us (whether Singapore or another country), the requirements or guidelines of governmental authorities which we determine are applicable to us (whether Singapore or another country), and/or our risk management procedures that may be required by law (whether Singapore or another country) or that may have been put in place by us;
  • to prevent or investigate any fraud, unlawful activity or omission or misconduct, whether or not there is any suspicion of the aforementioned; dealing with conflict of interests; or dealing with and/or investigating complaints;
  • complying with or as required by any applicable law, governmental or regulatory requirements of any jurisdiction applicable to us or our affiliates/associated companies, including meeting the requirements to make disclosure under the requirements of any law binding on us or our affiliates/associated companies, and/or for the purposes of any guidelines issued by regulatory or other authorities (whether of Singapore or another country), with which we or our affiliates/associated companies are expected to comply;
  • complying with or as required by any request or direction of any governmental authority (whether Singapore or of another country) which we are expected to comply with; or responding to requests for information from public agencies, ministries, statutory boards or other similar authorities (whether Singapore or of another country). For the avoidance of doubt, this means that we may/will disclose your personal data to the aforementioned parties upon their request or direction;
  • conducting research, analysis and development activities (including but not limited to data analytics, surveys and / or profiling) to improve our services and facilities in order to enhance any continued interaction between yourself and us connected or in relation to the GreyApp Services, our GreyApp mobile application and/or our website, or to improve any of our products or services;
  • storing, hosting, backing up (whether for disaster recovery or otherwise) of your personal data, whether within or outside Singapore (or whether within or outside your country of residence);
  • facilitating, dealing with and/or administering external audit(s) or internal audit(s) of the business of GDB or that of its affiliates/related corporations;
  • for marketing purpose if you have separately consented to it, and in this regard, we would be providing you by way of postal mail, electronic transmission to your email address(es), voice call, SMS/MMS or fax, depending on the mode of communication you have consented to, with marketing, advertising and promotional information, materials and/or documents relating to products and/or services that GDB (including its affiliates/related corporations) or such third party organisations may be selling, marketing, offering or promoting, whether such products or services exist now or are created in the future; and/or
  • dealing with and/or facilitating a business asset transaction or a potential business assert transaction, where such transaction involves GDB as a participant or involves only a related corporation or affiliated company of GDB as a participant or involves GDB and/or any one or more of GDB’s related corporations or affiliated companies as participant(s), and there may be other third party organisations who are participants in such transaction. “business asset transaction” means the purchase, sale, lease, merger or amalgamation or any other acquisition, disposal or financing of an organisation or a portion of an organisation or of any of the business or assets of an organisation.

(the purposes set out in this paragraph 5.1 above shall be collectively referred to as the “Purposes”)

5.2       Our service-specific privacy guidelines, if any, may more particularly describe how we use Personal Data within the relevant GreyApp Services.

5.3       As noted under Section 16 (Use of your Device by GreyApp) in the Terms of Service, we may require access to or use of your Personal Data within your device in order to provide our GreyApp Services to you. Any Personal Data that we use or access within your device will be treated in accordance with this Privacy Policy and the Terms of Service.

5.4       You may withdraw your consent for the collection, use and/or disclosure of your Personal Data in our possession or under our control by emailing us at dpo@gdbg.com. We will process your request within a reasonable time from such a request for withdrawal of consent being made, and will thereafter not collect, use and/or disclose your Personal Data in the manner stated in your request, unless an exception under the law or a provision in the law permits us to. However, your withdrawal of consent could result in certain legal consequences arising from such withdrawal, including us being unable to perform the transactions requested by you in the GreyApp Services, our GreyApp mobile application and/or our website, as the case may be.

  1. COOKIES, WEB BEACONS AND SIMILAR TECHNOLOGIES

Use of Cookies

6.1       A cookie is a small file containing a string of characters that is placed on your computer, mobile phone or other device when you access a website or other web content. Cookies also enable us to track and target the interests of our users to enhance the user experience on our service or site.

6.2       Where applicable, we use a cookie control system allowing the user on their first visit to our websites or web-based service to allow or disallow the use of cookies on their computer/device. Most web browsers are equipped with this function and additionally will also allow you the option to delete the cookies that has already been stored. However disabling/deleting cookies might affect the user experience of this web site.

6.3       Our websites also utilise flash cookies to improve the user experience. The mechanics of flash cookies are similar to that of browser cookies, except that they are able to handle more complex data as compared to simple text data. Flash cookies do not have access to your computer and unless information is provided on the website or service in question, flash cookies cannot access or store your Personal Data.

Web Beacons

6.4       Some pages on our websites contain “web beacons” (also known as internet tags, pixel tags and clear GIFs). These beacons provide information such as the IP address of a page, its URL, the access time, and the page browser type. We will use log files to store information collected through these web beacons. We also use third party web beacons to help manage our online advertising. This special cookie allows third parties to identify the user’s web browser and hence allow the website to direct users to content that is to their interest. The information thus collected by browser cookies and web beacons are completely anonymous and cannot lead to personal identification. They do not contain your name, address, telephone number or email address.

  1. SHARING OF YOUR PERSONAL DATA

7.1      GDB may/will need to disclose your Personal Data to third parties, whether located within or outside Singapore, for one or more of the above Purposes, as such third parties would be processing your Personal Data for one or more of the above purposes. In this regard, you hereby acknowledge, agree and consent that we may/are permitted to disclose your Personal Data to such third parties (whether located within or outside Singapore) for one or more of the above Purposes and for the said third parties to subsequently collect, use, disclose and/or process your Personal Data for one or more of the above Purposes. Without limiting the generality of the foregoing or of paragraph 5.1, such third parties include:

  • our associated or affiliated organisations or related corporations;
  • any of our agents, contractors or third party service providers that process or will be processing your Personal Data on our behalf including but not limited to those which provide administrative or other services to us such as mailing houses, telecommunication companies, information technology companies and data centres; and
  • third parties to whom disclosure by GDB is for one or more of the Purposes and such third parties would in turn be collecting and processing your Personal Data for one or more of the Purposes.

7.2       Where we permit any third parties to collect and use your Personal Data, we will use reasonable efforts to ensure that such third parties only use your Personal Data: (i) in compliance with this Privacy Policy; or(ii) subject to any other instructions we give them, including any appropriate confidentiality and security measures that we implement.

7.3       You consent to the third party use, sharing and transfer of your Personal Data (both inside and outside of your jurisdiction) as described in this paragraph 7.

7.4       As we continue to develop our business, we or our affiliate companies may be acquired to re-organise our group structure. In these circumstances, it may be the case that your Personal Data is transferred within our group and/or transferred to a third party who will continue to operate our GreyApp Services or similar services under either this Privacy Policy or a different privacy policy which will be notified to you. The party to which your Personal Data is transferred may be located, and use your Personal Data, outside of your jurisdiction. You hereby consent to the foregoing.

  1. COMMUNICATIONS FROM US

We may from time to time send you service-related announcements when we consider it necessary to do so (such as when we temporarily suspend one of our GreyApp Services for maintenance). You may not opt-out of these service-related announcements, which are not promotional in nature.

  1. TRANSFER, STORAGE AND SECURITY OF YOUR PERSONAL INFORMATION

9.1       We operate and may continue to operate servers in a number of jurisdictions around the world, so the server on which your Personal Data is used and stored may not be in your jurisdiction.

9.2       You consent to the transfer of your Personal Data (both inside and outside of your jurisdiction) for the Purposes described in this Privacy Policy.

9.3       We use a variety of security technologies and procedures for the purpose of preventing loss, misuse, unauthorised access or disclosure of Information. In some of our GreyApp Services, we will use encryption technology (such as SSL, 2FA) to protect certain Personal Data provided by you to us. Please be aware that despite our efforts, no data security measures can guarantee 100% security at all times. Our systems and the communications networks through which you access our GreyApp Services may be subject to security breaches and failures which are due to circumstances beyond our reasonable control.

  1. RETENTION OF YOUR PERSONAL DATA

10.1    Subject to applicable laws and regulations, we will only retain your Personal Data for so long as is necessary to fulfill the Purposes as set out under paragraph 5 above or when we continue to have a legal or business purpose to continue retaining the same. 

10.2    If applicable laws and regulations give you the following rights, you may have the right to request access to and make any corrections to your Personal Data which we hold, or to request that we delete any of your Personal Data that is under our possession or control. You may direct such request to our Data Protection Officer. We will need enough information from you in order to ascertain your identity as well as the nature of your request, so as to be able to deal with your request. With respect to your access request, we may charge a fee in order to process it.

10.3    For a request to access Personal Data, once we have sufficient information from you to deal with the request, we will seek to provide you with the relevant Personal Data within 30 days. Where we are unable to respond to you within the said 30 days, we will notify you of the soonest possible time within which we can provide you with the information requested. Note that the PDPA exempts certain types of Personal Data from being subject to your access request.

10.4    For a request to correct Personal Data, once we have sufficient information from you to deal with the request, we will correct your Personal Data within 30 days. Where we are unable to do so within the said 30 days, we will notify you of the soonest practicable time within which we can make the correction. Note that the PDPA exempts certain types of Personal Data from being subject to your correction request as well as provides for situation(s) when correction need not be made by us despite your request. We will send the corrected Personal Data to every other organisation to which the Personal Data was disclosed by us within a year before the date the correction was made, unless that other organisation does not need the corrected Personal Data for any legal or business purpose. 

10.5    Should your account be terminated by you or us for any reason, we will take steps to ensure that your Personal Data is no longer stored or used by us within a reasonable period of time (subject to technical limitations) after such account termination.

10.6    However, it is important to note that communications made by you using our GreyApp Services may put your Personal Data in the hands of third parties that we cannot control – for example, if you have communicated or transmitted your Personal Data to another user.

  1. Complaint Process
  • If you have any complaint or grievance regarding about how we are handling your personal data or about how we are complying with the PDPA, we welcome you to contact us with your complaint or grievance.
  • Please contact us with your complaint or grievance by emailing us at dpo@gdbg.com.
  • We will certainly strive to deal with any complaint or grievance that you may have speedily and fairly.
  1. General

12.1    Your consent that is given pursuant to this Privacy Policy is additional to and does not supercede any other consents that you had provided to GDB with regard to processing of your Personal Data.

  • For the avoidance of doubt, in the event that applicable personal data protection law permits an organisation such as us to collect, use or disclose your Personal Data without your consent, such permission granted by the law shall continue to apply.
  • If you have any queries on this Privacy Policy or any other queries in relation to how we may manage, protect and/or process your Personal Data, please do not hesitate to contact our Data Protection Officer at: dpo@gdbg.com

Last modified: 23rd Jan 2017