1. Introduction

At ApeDax, we are dedicated to safeguarding the privacy and confidentiality of the personal data of our Customers, Partners, Consultants, Contractors, Service Providers, Outsourced Third Parties, and others engaged with us. Our commitment is to ensure that our policies, practices, and processes protect the personal data you provide, in accordance with the General Data Protection Regulation (‘GDPR’).

This Privacy Policy outlines our information practices, detailing how ApeDax (“ApeDax,” “we,” “us,” or “our”) collects, uses, discloses, processes, or manages personal data provided by your Business and its Registered Users (referred to as “you,” “your,” or “User”) through our website (“Site”) and the functions available or facilitated by the Site (the “Services”), or in connection with your interactions with us. This Privacy Policy is also part of the “Additional Policies” referred to in the Terms of Use, as amended from time to time (“TOU”).

2. Purposes of This Privacy Policy

1. Personal Data: Refers to data, whether accurate or not, about an individual who can be identified from that data or from that data combined with other information accessible to the organization (including User Credentials).

2. Data Intermediary: An organization that processes personal data on behalf of another organization but excludes employees of that organization.

3. Processing: Refers to any operation or set of operations performed on personal data, including recording, holding, organizing, adapting, altering, retrieving, combining, transmitting, erasing, or destroying. Except where otherwise defined, terms in this Privacy Policy have the same meaning as in the TOU. This Privacy Policy may be updated periodically, with the latest version posted at [xxxxxxxx], taking effect from the posting date and time.

3. Purposes for Collecting, Using, Disclosing, Processing, or Handling Personal Data

By providing personal data to us (including through the Site or Services), you consent to the collection, use, disclosure, processing, or handling of such data by us or our affiliates (including any data intermediaries, related companies, or affiliates) for the following purposes:

a)  responding to your queries, requests and feedback;

b) to maintain your account with us and process payments or verify your identity/ entitlement to use the Site or Services or any part thereof;

c)  to execute the operation, fulfilment, and administration of part of the Services or functions or features of the Site;

d) to facilitate the negotiation, entry and execution into various Contracts with other Users or make certain Third Party Services available on or through the Sites;

e) to communicate with you to inform you of changes to the Site or Services, or our policies, terms and conditions and other administrative information;

f)   to comply with our obligations under the TOU or enforce our rights under (or in connection with) the same;

g)  to comply with any applicable law, judgment, order, code, standard or regulation and participate in (or co-operate with) legal, regulatory or administrative proceedings or directions;

h) to protect and safeguard the operation of the Site and Services including preventing, detecting, reporting and supporting / assisting in investigations into any crime (including fraud, theft, money laundering, terrorism misuse or abuse of the Site or Services), cybersecurity incidences or risks, or any of the same where suspected;

i)   to conduct or facilitate audits for the purposes of meeting legal requirements, compliance or industry standards, or as may be desirable to enhance the standing, quality, scope and capacity of the Site or Services;

j)   to conduct data analytics as referred to in the TOU, including (but not limited to) matching and profiling you (and, for avoidance of doubt, your Registered Users) to provide you with features and functions of the Site or the Services which may be relevant or of interest to you and to improve your user experience and for the purposes of enhancing the Site or Services or developing new product or service offerings; and

k)  such other purposes as may be reasonably related to the above. For the purposes of (j), personal data will be aggregated and / or anonymized, such that no one individual can be identified or recognized from the user statistics in question. You acknowledge and agree that any anonymised data is not personal data and that we have the right to share and disclose such anonymized data with third parties for any purposes.

4. Types of Personal Data We Collect

The types of personal data we collect about you may include:

a)      Personal particulars (NRIC /Passport No., Name, Gender, Date of Birth, Citizenship, Country of Residence)

b)     Personal contact information (Phone No., Mobile Phone No., Residential Address, Mailing Address, Email address)

c)      Corporate information (Corporation incorporation, Register of Directors and Shareholders)

d)     Financial information (Type of credit card, Cardholder Name, Credit Card No.)

e)     Purchase information (Purchase history, Product/Service preferences)

5. Consents

The use of this Site or Services, is subject to the condition that and you hereby warrant and represent to us that any personal data has been provided for any purposes stated in the Privacy Policy is with, at all times, full consent of the individual identified by the personal data (the “data subject”), such consent not having been revoked except where adequate and reasonable advance notice of the same has been given and duly acknowledged by us. You agree and acknowledge that the withdrawal of any consents may impact the ability to proceed with or use any of the Site or Services including our ability to comply with any obligations under the TOU or do anything in connection with any Contracts and such withdrawal of consent will be on the basis that you will release us from any obligations in connection with the same, and that you will indemnify and hold harmless all Indemnified Parties from and against any claim, demand, loss, damage, cost, or liability (including reasonable legal fees) which any of the Indemnified Parties may suffer or suffers in connection with or arising from such withdrawal.

6. Accuracy, Completeness, and Updating of Personal Data

The use of this Site or Services, is subject to the condition that and you hereby warrant and represent to us that any personal data that has been provided for any purposes stated in the Privacy Policy is, at all times, accurate, complete, and kept up to date by you at all times. You can provide us with updates to any information in accordance with the terms of this Agreement.

7. Additional Information for Individuals Subject to EU Data Protection Laws

For users located in the European Economic Area (EEA) or other jurisdictions governed by EU data protection laws (collectively referred to as “European Residents”), we comply with relevant EU data protection laws and provide the following additional information. In this context, “Personal Data” is defined as per the General Data Protection Regulation (EU) 2016/679 (GDPR).

A. Legal Basis for Processing Personal Data

We process Personal Data under the GDPR on one or more of the following legal bases:

• Compliance with Legal Obligations and Regulations: We process Personal Data to meet legal requirements, including “know your customer” obligations, anti-money laundering and anti-terrorism laws, financial crime and fraud prevention, suspicious activity reporting, responding to public authority requests, adhering to economic and trade sanctions, performing customer due diligence, conducting audits and risk assessments, preparing tax reports, fulfilling data retention obligations, and managing legal claims.

• Fulfilment of Contractual Obligations: We process Personal Data to fulfill our contractual commitments under our terms of service, including providing you with our services and customer support, as well as optimizing and enhancing the ApeDax Platform.

• Consent: We process Personal Data based on your consent, including for marketing purposes. You have the right to withdraw your consent at any time, though this will not affect the legality of any processing carried out before the withdrawal.

• Legitimate Interests: We process Personal Data to monitor usage of the ApeDax Platform, prevent fraud, ensure network and information security, perform security checks, engage in direct marketing, and protect your rights. We assess and balance any potential impact on your rights when processing for legitimate interests.

B. European Privacy Rights

European Residents have specific rights under the GDPR concerning their Personal Data, subject to certain legal exceptions. We will inform you of any applicable exemptions in our response to your request. Please provide sufficient information to identify yourself and any other relevant details to assist us in processing your request:

• Right to Access and Rectification: You may request that ApeDax disclose the Personal Data we hold about you and correct any inaccuracies.

• Right to Withdraw Consent: If we process your Personal Data based on consent, you may withdraw that consent. This will not affect the legality of processing based on consent before the withdrawal.

• Right to Erasure: You may request that ApeDax delete your Personal Data.

• Right to Restriction of Processing and Right to Object: You have the right to restrict or object to our processing of your Personal Data under specific circumstances.

• Right to Data Portability: You can request to receive your Personal Data in an electronic format and transfer it to another data controller.

• Right to Complain: You may file a complaint with a data protection supervisory authority.

C. Automated Decision-Making

We may engage in automated decision-making for risk management and fraud detection. When we do, we implement appropriate measures to protect your rights and interests, including the right to human intervention, to present your views, and to challenge the decision.

D. Transfers of Personal Data Outside the EEA

ApeDax ensures that data transfers from the EEA to countries outside the EEA are governed by appropriate data processing agreements and standard contractual clauses approved by the European Commission. We may transfer Personal Data when necessary to fulfill our obligations under our terms of service (including providing and enhancing the ApeDax Platform) and where you have consented to such transfers.

8. Protection and Retention of Personal Data

We implement necessary security measures to protect your personal data from unauthorized access, use, or disclosure. We will share your data only with authorized personnel on a “need to know” basis and require third-party data intermediaries to adhere to stringent information security arrangements. Personal data no longer needed will be securely destroyed or disposed of in accordance with our Document Retention Policy.

9. Your Obligations to Ensure Security & Confidentiality

You are responsible for maintaining the security and confidentiality of any personal data provided by or through you, including User Credentials. If accessing the Site via any device, you agree to apply appropriate security measures.

10. Transfers of Your Data

Personal data submitted to us may be transferred to other territories for processing by third-party data intermediaries. We ensure that such transfers comply with applicable laws and that data intermediaries provide an equivalent level of protection as would be required in your location.

11. Cookies / Log Files

We use cookies, web beacons, and similar technologies to enhance your experience on our Site and Services. Cookies are small files stored on your device to help remember your preferences and improve your browsing experience. You can disable or delete cookies through your browser settings, but this may affect your ability to use certain Site features.

11. Queries Concerning Your Personal Data

For any queries, comments, or instructions related to your personal data or this Privacy Policy, please contact our data protection officer at the following addresses:

legal@apedax.com