This Policy sets out how we handle your personal data. This Policy supplements but does
not supersede or replace any other consents you may have provided to us, or any other
agreements or arrangements that you may have with us, in respect of your personal data.
It applies to all situations where we collect personal data, including through our
website(s), any mobile application(s) provided by us, and personal dealings with you.
In this Policy, “we”, “us” or “our” refers to Troy International Pte. Ltd. “You” refers to the individual whose personal data we collect, hold or use.
If you do not accept this Policy, please do not provide us with your personal data.
What Personal Data We Collect
What is personal data. “Personal data” is data that can be used to identify a natural person. Examples of personal data include name, address, contact details, identification numbers, financial information, IP address, transactional information based on your activities on our website(s) and mobile application(s), telephone numbers, email address, images, and any other information of a personal nature. In some countries (including Singapore), the personal data protection laws do not extend to business contact information. We will comply with applicable laws in our handling of your personal data.
Voluntary provision of personal data. What personal data we collect depends on the purposes for which the personal data is collected and what you have chosen to provide. You can choose not to provide us with personal data. However, if you do so, it may not be possible for us to fulfil the purposes for which we require the personal data, including processing your transactions or providing you with the products and services that you require.
Providing personal data belonging to others. If you provide the personal data of anyone other than yourself (e.g. your family members), you are responsible for informing him/her of the specific purposes for which we are collecting his/her personal data and to ensure that he/she has provided valid consent for you to provide his/her personal data to us.
Accuracy and completeness or personal data. It is important that the personal data we hold about you is accurate and up to date. It is your responsibility to ensure that all personal data that you provide is accurate and complete, and to inform us of relevant changes to your personal data.
What we collect. The information we collect about you may include:
contact information (such as your name, email, telephone number and address);
information required by applicable laws governing financial institutions, including laws for the prevention of money laundering;
your login and password details;
your bank account details;
copies of your current valid government-issued photo identification;
details of any transactions you make through our website(s) or mobile application(s);
information provided via your mobile devices, such as your location, phone ID, mobile user name, password, contacts, location;
communications with us (for example, when you ask for support, send us requests, questions or comments, or report a problem, whether by mail, telephone, online, or any other means).
How We Collect Your Personal Data
Personal data you provide. We collect personal data that is relevant to our relationship with you. Your personal data may be collected by us, directly or indirectly, for instance:
when you visit our website(s), download or use our mobile application(s), or register a user account with our website(s) or mobile application(s);
when you use our services or enter into transactions with us (or express an interest in doing so);
when you communicate with us by telephone, email, via our website(s) or through other communication channels, for example, through social media platforms;
when you apply to be a member of any of our customer loyalty programs, or respond to our promotions, or subscribe to our mailing lists;
when you participate in competitions, contests or games organised by us;
when you attend events or functions organised by us, or conducted at our establishments;
when your images are captured by us via CCTV cameras while you are within our premises, or when photographs or videos of you are taken when you attend events or functions organised by us;
when we seek information about you and receive your personal data in connection with your relationship with us, for example, if you are a director or shareholder;
when you seek employment, internship or secondment opportunities with us or when you provide documents or information including your resume/CVs in connection with such applications; and/or
when you submit your personal data to us for any other reason.
Personal data provided by others. Depending on your relationship with us, we may also collect your personal data from third party sources, for example:
from companies offering information to enable us to conduct customer due diligence (if you are a customer of our mobile applications);
from your referees, educational institutions or previous employers (if you have applied to us for a position);
from your family members or friends who provide your personal data to us on your behalf; and/or
from public agencies or other public sources.
Purposes for Our Collection, Use and/or Disclosure of Your Personal Data
General purposes. Generally, we collect, use, disclose and process your personal data for purposes connected or relevant to our business, or to manage your relationship with us, such as:
to provide you with access to your account with us;
processing your transactions with us, or to provide products and services to you;
to notify you about important changes/developments to our platform(s) and services, industry developments, and offers and events held by us;
to provide reports and for general management purposes (e.g. invoicing, account management)
to communicate with you including responding to your enquiries, feedback and/or complaints and resolving disputes;
to comply with regulatory requirements and provide assistance to law enforcement agencies;
to prevent, detect or prosecute cases of fraud/crime and comply with legal and regulatory obligations;
administrative purposes, including finance, IT and HR purposes, quality assurance and staff training;
security and safety purposes, in connection with our premises, or events organised or conducted by us;
to carry out research and statistical analysis, including development of new products and services or evaluation and improvement of our existing products and services;
to facilitate business asset transactions;
to enforce legal obligations owed to us, or to respond to complaints, litigation or investigations concerning us;
the purposes that you are notified of when your personal data is collected; and/or
any other reasonable purposes related to the aforesaid.
Marketing purposes. If you have given your consent, we may use your personal data for the purposes of marketing our products and services and those of our strategic partners and business associates e.g. informing you of our latest activities, special offers and promotions. In order for us to market products and services which are of special interest and relevance to you, we may analyse and rely on your overall interaction with us (such as but not limited to your participation in promotions or events and your interactions with us).
Legitimate interests. We may also collect, use, disclose and process your personal data to support our legitimate business interests (provided that this does not override your interests or rights), for example:
Job seeker/employee: If you are a job seeker, in addition to the specific position which you have applied for, we may disclose your personal data to our related companies for the purposes of offering additional employment opportunities.
Investor/shareholder: If you are an investor or shareholder, we may use your personal data to (a) manage investor/shareholder relations; and (b) comply with regulatory requirements.
Managing our business: We may disclose your personal data to third parties who provide services to us, including our service providers and data processors (providing services such as hosting and maintenance services, analysis services, e-mail messaging services, delivery services, handling of payment transactions, marketing, human resources, and professional services) and our consultants and professional advisors (such as accountants, lawyers, auditors).
Use permitted under applicable laws. We may also collect, use, disclose and process your personal data, without your knowledge or consent, where this is required or permitted by law.
Contacting you. When we contact or send you information for the above purposes, we may do so by post, e-mail, SMS, telephone or such other means provided by you. If you do not wish to receive any communication or information from us, or wish to restrict the manner by which we may contact or send you information, you may contact us in accordance with paragraph 10.1.
Sharing your personal data with third parties. When disclosing your personal data to third parties, we will (where appropriate) enter into contracts with these third parties to protect your personal data in a manner that is consistent with applicable laws and/or ensure that they only process your personal data in a manner consistent with the consent you have provided, or in accordance with our instructions.
Transfer of Personal Data to Other Countries
Transfers. We belong to a group of companies which operate in many different jurisdictions, including South Africa. We may transfer your personal data for the above purposes:
amongst ourselves, from the jurisdiction where it is collected to any other jurisdictions that we operate in; and
to third parties in other jurisdictions where necessary
Safeguards. We are committed to safeguarding your personal data when it is transferred across jurisdictions. We ensure that your personal data receives an adequate level of protection regardless of the jurisdiction to which it is transferred. For example, we may enter into contracts (or impose binding rules) with recipients to protect your personal data in a manner that is consistent with applicable laws. You may obtain details of these safeguards by contacting us in accordance with paragraph 10.1.
How We Protect and Retain Your Personal Data
Safeguards. The security of your information is our priority. We keep, protect and process your information in a secure manner by maintaining physical and electronic safeguards, in compliance with applicable laws.
Limited access. We ensure that access to your personal data is limited to employees who are duly authorised and who are trained in handling your personal data. These authorised personnel are required to ensure the confidentiality of your personal data and to respect your privacy at all times. While precautions will be taken to ensure that the personal data you provide is protected against unauthorised or unintended access, we cannot be held responsible for unauthorised or unintended access that is beyond our control.
Vulnerabilities. We do not guarantee that our systems or applications are invulnerable to security breaches, nor do we make any warranty, guarantee, or representation that your use of our systems or applications is safe and protected from viruses, worms, Trojan horses, and other vulnerabilities. We also do not guarantee the security of data that you choose to send us electronically. Sending such data is entirely at your own risk.
Purpose for retention. We will retain your personal data for as long as we need the data to fulfil the purposes we collected it for, and to satisfy our business and/or legal purposes, including audit, accounting or reporting requirements. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. If you wish to terminate your account or request that we no longer use your information to provide you services, please contact us in accordance with paragraph 10.1.
Period of retention. How long we keep your personal data depends on the nature of the data, for example: we will keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Some information may be retained for longer, for example where we are required to do so by law.
Anonymised data. In some circumstances we may anonymise your personal data so that it can no longer be associated with you. In such cases, we are entitled to retain and use such data without restriction.
Your Obligation to Supply and Update Your Information
Information required by us. To enable us to provide you services, you are required to provide the information as indicated in respective application or service forms. Should you decline to provide such information, we may not be able to provide you with our products or services.
Accuracy of information. Keeping your data and information accurate and updated is very important to us. You are responsible to ensure that the information which you provide to us is accurate, complete and not misleading and that such information.
Changes to This Privacy Policy
We reserve the right to modify this Policy at any time, so please review it frequently. A copy of the latest Policy can be found at www.troygold.app. The updated Policy will supersede earlier versions and will apply to personal data provided to us previously. Your continued use of our website and app shall be deemed to be your agreement to be bound by the updates to this Policy.
Your Rights
Rights under applicable laws. Depending on the jurisdiction you are in, you enjoy certain rights in relation to our collection, use, disclosure and processing of your personal data. Such rights include:
Access: you may ask us if we hold your personal data and, if we are, you can request access to your personal data. This enables you to receive a copy of and information on the personal data we hold about you.
Correction: you may request that any incomplete or inaccurate personal data we hold about you is corrected.
Erasure: you may ask us to delete or remove personal data that we hold about you in certain circumstances.
Restriction: you may withdraw consent for our use of your personal data, or ask us to suspend the processing of certain of your personal data about you, for example if you want us to establish its accuracy.
Portability: you may request the transfer of certain of your personal data to another party under certain conditions.
Objection: where we are processing your personal data based on a legitimate interest (or those of a third party) you may object to processing on this ground.
If you wish to exercise your rights, you may contact us in accordance with paragraph 10.1. We may require that you submit certain forms or provide certain information to process your request. Where permitted by law, we may also charge you a fee to process your request.
Limitations. We may be permitted under applicable laws to refuse a request, for example, we may refuse (a) a request for erasure where the personal data is required in connection with any claims; or (b) an objection request and continue processing your personal data based on compelling legitimate grounds for the processing.
Complaints. If you are of the opinion that we have not complied with this Policy or we have infringed applicable data protection laws, you have a right to lodge a complaint with any data protection regulator or authority having jurisdiction over us.
Questions and Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, or exercise any rights you have under applicable laws, register a complaint, or simply want more information regarding this Policy, please contact us at dataprotection@troygold.app.
When you contact us, we may require that you submit certain forms or provide certain information, including verification of your identity, before we are able to respond.
