BaaSid ("BaaSid" or "BaaSid") respects the privacy of customers and complies with Singapore’s relevant laws and regulations such as Personal Data Protection Act of Singapore ("PDPA").
Article 1 Consent to Collection of Personal Information
In order to make it easy for the user to confirm, BaaSid is notified through the first connection screen before the creating account of the service, and the user regard as agree to the collection of personal information when using the service.
Article 2 Collection and Use of Personal Information
BaaSid collects personal information for the following purposes: The collected personal information will not be used for any purpose other than the following purposes, and the prior consent will be sought if the purpose of use is changed.
① Services and contents offering
② Personal identification or identification progress
③ Classification of verification-level and grant of benefit
④ Payment and calculation of charge
⑤ Handling complaint or dissatisfaction.
⑥ Prevention of illegal or unauthorized use
⑦ Statistical analysis
Article 3 Personal information contents and collecting methods
①. Personally identification information
Personal information such as name, ID number (inherent identification information), residence information, contact number (telephone number), communication device identification information, biometric information, PIN code, pattern, residence information.
②. Financial Information
Card information, payment information, transaction records.
③. Service usage information
IP address, MAC address, operation record, service use record, error record, visit date and time, browser type and OS, software version and usage information, device information
④. Cookie information
BaaSid can use cookie which store user’s information and loaded frequently.
A cookie can follow and store information such as user’s profile or online setting by using small text file or piece of information which is saved in user’s computer or device when Cookie user visit our website. Cookies do not collect information that personally identifies the user, but the collected information can be used to analyze the user's application usage and improve the online experience. You can disable cookies by changing your browser's settings. However, this can affect the functionality of the application
⑤ Collection Method - Homepage, Application
Article 4 Processing and Retention Period of Personal Information
① User's personal information is destroyed when the purpose of collecting personal information or the purpose received is achieved as follows. However, if there is a need to hold for a certain period of time due to the confirmation of the relationship between the rights and obligations of the transaction, such as the Commercial Act,
1. Records on contract or withdrawal of subscription: 5 years
2. Record of payment and goods supply: 5 years
3. Records of consumer complaints or disputes: 3 years
② If the user requests to view transaction information, etc., which the user has consented to, he / she should make sure that he / she can view and confirm it without delay.
③ If the collected personal information becomes unnecessary to keep the personal information file, such as elapsing of the retention period and attaining the purpose of holding, the personal information file is deleted without delay
Article 5 Consignment of personal information, provided by a third party
① In order to improve the service, BaaSid can entrust collecting / handling / management of the user's personal information to the outside.
1. In the case of entrusting the processing of personal information, the user would be notified in advance of the consigning agency and the fact through the notice in the service.
2. In the case of entrusting the processing of personal information, it is necessary to strictly follow the instructions of the service provider regarding the protection of personal information through consignment contracts, to keep the confidentiality of personal information, to prohibit the provision of third parties and to bear responsibility in case of accidents, The return or destruction of the personal information after that, and keep the contents of the contract in writing or electronically.
② In principle, BaaSid process the customer's personal information within the scope of the purpose specified in Article 2, and not process it beyond the original range or give it to a third party without prior consent of the customer. However, in the following cases, it can be use the personal information for purposes other than the purpose or provide it to a third party except when there is a possibility of unfairly infringing the interests of the customer or the third party.
1 If there are unavoidable reasons due to laws or regulations
2 If you need to verify your identity to prevent steal.
3 Provide statistical, market research, etc. in a form that can not identify a specific individual.
4 You have obtained your prior consent.
Article 6. Matters concerning withdrawal and destruction of personal information
The user can at any time revoke the content of the user's consent to the collection, use, and provision of personal information through the use of the service and acceptance of the KYC documents. The withdrawal of consent take necessary measures such as the deletion of personal information immediately by writing, telephone, e-mail, etc. to the person in charge of personal information management. If we take measures such as revoking consent and destroying personal information, we will inform the user without delay.
In principle, when the purpose of collecting and using personal information is achieved, the personal information recorded in an electronic file with the approval of the person responsible for personal information is destroyed in a way that can not be recovered so that the record can not be reproduced, Personal information is destroyed or shredded by a crusher to destroy personal information without delay.
Article 7. Matters on safety assurance measures
① Technical measures
In the handling of personal information of users, BaaSid takes the following technical measures in order to ensure the safety so that personal information is not lost, stolen, leaked, altered or damaged.
1. User's personal information is protected by password, and important data is protected by separate security function by encrypting file and transmission data or using file lock function (Lock).
2. BaaSid adopts a security device (SSL or SET) that can securely transmit personal information on the network using a cryptographic algorithm.
3. In preparation for external intrusion such as hacking, each server uses an intrusion prevention system and vulnerability analysis system to ensure security.
② Administrative measures
And restricts access to the user's personal information to a minimum number of persons. The minimum number of persons is as follows.
1. A person who performs marketing work directly against the user
2. Person who performs personal information management duties such as personal information manager and person in charge
3. Regular in-house training and outsourcing training is conducted for employees who handle personal information, such as acquiring new security technologies and obligation to protect personal information.
4. We have internal procedures to prevent the leakage of information by people through the security pledge of all employees at the time of entering the company and audit the compliance with the personal information protection policy and compliance with the employees. The personal information handler's takeover of the business is carried out thoroughly with security maintained and clarifies responsibility for personal information accidents after entering and leaving the company.
5. Personal information and general data are not stored as a mixture but are stored separately on separate servers.
③ BaaSid is not responsible for any mistakes made by users or risks arising from basic internet risks. Each individual user is responsible for properly managing his / her device and password in order to protect his / her personal information.
In the event of loss, leakage, alteration or damage of personal information caused by mistakes of internal administrator or technical management, BaaSid will notify the user immediately and take appropriate measures and compensation.
Personal information of the user is encrypted and stored and managed. Only the user can know it. The important data has separate security functions such as encrypting the file and transmission data or using the file lock function.
Article 8. Your rights and obligations
① The user must precisely enter personal information in the latest state to prevent unexpected accidents. The responsibility of the accident caused by the inaccurate information entered by the user belongs to the user himself and the use of the service may be restricted when false information such as theft of the other information is inputted.
② Users have the right to protect their personal information and to protect themselves and not to infringe on the information of others. Be careful not to leak user's personal information and be careful not to damage the personal information of others including post. If you do not fulfill such responsibilities and damage the information and dignity of others, you may be punished by related laws.
③ The translation of this guide is provided for the convenience of the user. In case of inconsistency between the English version and the translated version, the English version is prevail.
Article 9. Civil Service on Personal Information
BaaSid identifies the person responsible for personal information protection as follows and takes charge of the business related to personal information processing, handling complaints of information subjects related to personal information processing and remedies.
Person in charge
Name : Edan Jung
Position : Director/Research director
Contact : firstname.lastname@example.org
The information subject promptly reply to and process any inquiries regarding personal information protection inquiries, complaints, damages remedies, etc. that have occurred while using the service (or business) of the company.
Article 10. Infringement Remedies
Users who need to be notified about personal information infringement or need personal information protection consultations can contact the local authorities in their area.
Article 11. Change of personal information processing policy
This personal information processing policy would be applied from the effective date. If there are additions, deletions and corrections of the changes in accordance with the laws and policies, it would be announced through announcements 7 days before the implementation of the changes.
Any issues not covered by this policy will be subject to the notice and related rules updated by BaaSid from time to time.