Privacy Policy
Last updated: January, 2023
Infozone Technologies PTE, Ltd (“Infozone”, “we”, or “us”) is committed to protecting the privacy of our customers, and we take our data protection responsibilities with the utmost seriousness. This Privacy Notice describes how Infozone collects and processes your personal information through this website and applications while providing you with our Services (as defined in the Terms of Use).
Unless specifically described herein, this Privacy Notice does not apply to personal information that our customers provide to us in order to use our Global Travel Rule Services (“Customer Data”), which is instead governed by the customer’s respective privacy policies regarding their collection and process of Customer Data. Our processing of Customer Data will be done in accordance with section 2.2..
To the extent that you are a user of our services, this Privacy Notice applies together with any terms of business and other contractual documents, including but not limited to any agreements we may have with you.
We may revise this Privacy Notice from time to time in our sole discretion. If there are any material changes to this Privacy Notice we will do our best efforts to notify you to the extent required by applicable law.

1. PERSONAL INFORMATION WE COLLECT AND PROCESS

The categories of personal information we collect depends on how you interact with us, and the requirements of applicable law. The definition of personal information will vary depending on the applicable law based on your physical location. The definition that applies to your physical location will apply to you under this Privacy Policy. We collect information that you provide to us, information we obtain automatically when you use our Services, and information from other sources such as third-party services and organizations, as described below.

1.1 Information you provide to us.

In order to provide you with our Services we’ll ask you to provide us with some information about yourself. This information is information we need to provide you with our services.
Account Creation.
We may collect personal information when you create an account such as name, email address and professional details.
Contact Data
. We may collect personal information, such as email address, phone number, or mailing address when you request information about our Services, register for our newsletters, request customer or technical support, or otherwise communicate with us.
Financial Data
. We may collect personal information and details associated with your purchases, including payment information. Any payments made via our Services are processed by third- party payment processors. We do not directly collect or store any payment card information entered through our Services, but we may receive information associated with your payment.
Identity Data
: We may collect personal information related to business contact personal information and information related to your company such as company name, company type, company registration number, registration authority and registration number, certificate of incorporation or registration, company address and business type; and in some cases name of the directors, shareholders, or authorised users including usernames and passwords.
Business Development and Strategic Partnerships
. We may collect personal information from individuals and third parties to assess and pursue potential business opportunities.

1.2 Information we collect from you automatically.

To the extent permitted under the applicable law, we may collect certain types of information automatically, whenever you interact with our site or use the services. This information helps us address customer support issues, improve the performance of our site and Services, improve our performance and protect you and your account from fraud and help us to detect unauthorised access.
We may collect the following information from you:
Automatic collection of Personal Information
. We may collect certain information automatically when you use our Services, such as:
  • Online identificators. The Internet protocol (IP), browser fingerprint, operating system, browser name and version and geolocation/ tracking data, mobile carrier, mobile advertising and other unique identifiers, and Internet service provider.
  • Usage data and server logs data. We may also automatically collect information regarding your use of our Services, such as pages that you visit before, during and after using our Services, Information about the links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services.

1.3 Personal Information we collect from third parties

From time to time, we may obtain information about you from our affiliates or third party sources as required or permitted by applicable law. These sources may include the group of companies related to us by common control or ownership (“Affiliates”). In accordance with applicable law, we may obtain information about you from our Affiliates as a normal part of conducting business, so that we may offer our Affiliates’ Services to you.

2. HOW YOUR PERSONAL INFORMATION IS USED

2.1 Infozone as Data Controller

With respect to any Account Creation, Contact Data, Financial Data, Identity Data, Online Identificator, and Usage Data personal information you provide to us or we collect automatically from you we will act as a controller.
Infozone Technologies PTE, a company registered in Singapore with registration number 202218672D, is the data controller for personal information collected in connection with the provision of the Services as described in this section.
We will process this data for the following purposes and on the following legal basis:
  1. Provide our Services
    We use your personal information to fulfil our contract with you and provide you with our Services, such as:
    • Managing your information and accounts;
    • Providing access to our services.
    • Answering request for customer and technical support;
    • Communicating with your about your account, activities on our Services, and policy changes;
    • Processing your Financial Data and other payment methods for products or Services;
    Personal information processed for this lawful basis, contract with the data subject, will be Account Creation, Financial data and Contact Data.
  2. Comply with legal and regulatory requirements
    Our core Services are subject to laws and regulations requiring us to collect, use, store and process your personal information in a specific way. Therefore, under the applicable law, including those relating to Know your Customer (“KYC”), Anti Money Laundering (“AML”) and Countering Financing Terrorism (“CFT”).
    Personal information processed under this lawful basis, compliance with legal obligation will be Identity Data.
  3. To detect and prevent fraud.
    We process your personal information in order to help detect, prevent and mitigate fraud and abuse of our services and to protect you against any funds loss or activity that might compromise your account.
    Personal information processed under this lawful basis, our legitimate interest and the legitimate interest of our users, will be Account Creation, Financial Data, Contact Data and Online Identificators.
  4. Protect, ensure safety and security of our Services, and to improve and/ or troubleshoot any potential problems relating to our Service.
    We will use your Identity and Technical Data to administer and protect our Service, to ensure the safety and security of our Service and to improve and/ or troubleshoot any potential problem relating to our Service.
    Personal information processed under this lawful basis, our legitimate interest and the legitimate interest of our users.
  5. For any specific purpose that you provide your consent for.
    In specific situations, from time to time and under applicable law, we may ask for your consent to process your personal information. In such situations you may opt out of having your personal information shared with third parties, or allowing us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorization. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

2.2 Infozone as Data Processor

When we process your Customer Data you submit to us to use our Travel Rule Services -as defined in our Terms and Conditions-, we act as data processors. Therefore, Customers will remain as controllers in regard to any Customer Data that is transmitted via our Travel Rule Services.
The messages and data flows between our customers are encrypted with strong organisational, physical and security measures implemented. We are continuously monitoring transfers of information to ensure the effectiveness and protection of the data transmitted from end to end. Encryption along with customer to customer authentication are implemented to prevent unauthorised access, or any malicious actions from any source. Transfer of information is regularly monitored to protect our services from malicious activities.
Due to our processor role, we have no access, nor will seek access to your Customer Data being transmitted. Thus we will be unable to reply to any data subject request submitted by any of our Customers end users. Customers should check their data privacy, data protection, regulatory and legal requirements to make sure they comply with their legal and regulatory obligations. Customers are encouraged to assess and ensure they have relevant consent (when legally required), sufficient notice and a clear legal basis for their processing activities among other legal requirements prior to submitting any Customer Personal Data thru our Services.

3. SHARING INFORMATION WITH THIRD PARTIES

We may share your personal information with third parties if we believe that sharing your personal information is in accordance with, or required by, any contractual relationship with you or us, applicable law, regulation or legal process.
We may also share personal information with the following persons or in the following circumstances:
  • Third party service providers
    : We employ other companies and individuals to perform functions on our behalf. These third-party service providers only have access to personal information needed to perform their functions, but may not use it for other purposes. Further, they must process the personal information in accordance with our contractual agreements and only as permitted by applicable data protection laws.
  • Legal Authorities
    : We may be required by law or by Court to disclose certain information about you or any engagement we may have with you to relevant regulatory, law enforcement and/or other competent authorities. We will disclose information about you to public authorities. We will disclose information about you to public legal authorities to the extent we are obliged to do so according to the law. We may also need to share your information in order to enforce or apply our legal rights or to prevent fraud. We do not have access nor can view the Customer Data transmitted when using the Services. Therefore, all inquiries or requests received from law enforcement authorities with respect to this data will be referred to the Customer.
  • Business transfers
    : As we continue to develop our business, we might sell or buy other businesses or services. In such transactions, user information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice (unless, of course, the user consents otherwise). Also, in the unlikely event that Infozone or substantially all of its assets are acquired, user information will be one of the transferred assets.
  • Protection of Infozone and others
    : We release accounts and other personal information when we believe release is appropriate to comply with the law or with our regulatory obligations; enforce or apply our Terms of Use and other agreements; or protect the rights, property or safety of Infozone, our users or others. This includes exchanging information with other companies and organisations for fraud protection.

4. SECURITY

We design our systems with your security and privacy in mind. We have appropriate security measures in place to prevent your information being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We work to protect the security of information during transmission and while stored by using encryption protocols and softwares.
We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your personal information. In addition, we limit access to your personal information to those employees, agents and other third parties who have a business need to know. They will only process your Personal information on our instructions and they are subject to a duty of confidentiality and a duty to comply with data protection procedures. We have put in place procedures to deal with any suspected Personal Data breach and will notify any applicable regulator of a breach where we are legally required to do so.

5. DATA RETENTION

We keep your personal information to enable your use or our Services, for as long as it is required in order to fulfil the relevant purposes described in this Privacy Notice, and as may be required by law such as for tax and accounting purposes, compliance with laws, or to resolve disputes and/or legal claims or as otherwise communicated to you.
We have processes in place to delete Personal Data when the information is no longer necessary for the purposes for which we have described in this Privacy Notice, unless we are required by an applicable law to keep the data for information for a longer period. When determining the retention period, we take into account several factors, such as the type of information, the reason for which we are processing the information, the impact on the Service that we would have if we delete that personal information and any other possible business purposes and the mandatory retention periods provided by any applicable law.

6. YOUR RIGHTS

When we process personal data as a Data Controller as defined in section 2.1 subject to applicable law, as outlined below, you have a number of rights in relation to your privacy and the protection of your personal information. You have the right to request access to, correct, and delete your personal information, and to ask for data portability. You may also object to our processing of your personal information or ask that we restrict the processing of your personal information in certain instances. In addition, when you consent to our processing of your personal information for a specified purpose, you may withdraw your consent at any time. If you want to exercise any of your rights please Contact Us. These rights may be limited in some situations - for example, where we can demonstrate we have a legal requirement to process your personal data.
  • Right to access: you have the right to obtain confirmation that your personal information are processed and to obtain a copy of it as well as certain information related to its processing;
  • Right to rectify: you can request the rectification of your personal information which are inaccurate, and also add to it. You can also change your personal information in your Account at any time.
  • Right to delete: you can, in some cases, have your personal information deleted;
  • Right to object: you can object, for reasons relating to your particular situation, to the processing of your personal information. For instance, you have the right to object where we rely on legitimate interest or where we process your data for direct marketing purposes;
  • Right to restrict processing: You have the right, in certain cases, to temporarily restrict the processing of your personal information by us, provided there are valid grounds for doing so. We may continue to process your personal information if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law;
  • Right to portability: in some cases, you can ask to receive your personal information which you have provided to us in a structured, commonly used and machine-readable format, or, when this is possible, that we communicate your personal information on your behalf directly to another data controller;
  • Right to withdraw your consent: for processing requiring your consent, you have the right to withdraw your consent at any time. Exercising this right does not affect the lawfulness of the processing based on the consent given before the withdrawal of the latter;
  • Right to lodge a complaint with the relevant data protection authority: We hope that we can satisfy any queries you may have about the way in which we process your personal information. However, if you have unresolved concerns, you also have the right to complain to the data protection authority in the location in which you live, work or believe a data protection breach has occurred.
If you have any questions or objections as to how we collect and process your personal information, please Contact Us.

7. INTERNATIONAL TRANSFER OF PERSONAL DATA

Data subjects who reside in the European Economic Area (“EEA”) should be aware that the personal information will be processed in Singapore and other jurisdictions, as defined by us which may not be subject to equivalent data protection laws as in the EEA. However, when personal information is transferred to a destination outside of the EEA, we will ensure that a transfer only takes place if an appropriate level of protection exists and suitable safeguards are provided.
We also rely on decisions from the European Commission where they recognise that certain countries and territories outside the European Economic Area ensure an adequate level of protection for personal information. These decisions are referred to as “adequacy decisions”.

8. CONTACT INFORMATION

You can contact us via Contact Us, and will work to address any questions or issues that you have with respect to the collection and processing of your personal information.