This Privacy Statement sets out details on how International Payments Identity (ipid) Pte. Ltd. and its affiliates (“iPiD”) collect, use and share your data.  

The protection of individuals via the lawful, legitimate and responsible processing and use of their personal data is fundamental human right. Individuals may have a varying degree of understanding or concern for the protection of their personal data. IPID respect the right of the individuals to have control over their personal data and ensure it always acts in full compliance with legislative and regulatory requirements.

This Statement set out how IPID collect, use and share your (“Client/Customer”) data which are self- submitted through our website, or provided in the context of commercial discussions, or in context of the execution of a contract. It outlines IPID’s responsibilities under the applicable laws and regulation, setting out how it will comply and provide instruction for handling personal data.

IPID will be processing the following type of data:

IPID collects personal data for fulfilling its business objectives and for successful conduct of business which includes marketing activities.

At its website, IPID collects personal data and aggregate information that you voluntarily provide there, or by the implementation of cookies (as explained in the next section).

A "cookie" is a small piece of information that is stored on your device (such as your computer) and which records the way that you use a website so that, when you revisit that website, it allows IPID to provide tailored options based on the information that has been collected from your last visit. Cookies can also be used to analyse traffic and, in some cases, for providing you with tailored advertising and marketing.

Users of IPID websites accept cookies, when visiting IPID website for the first time. However, they are not required to turn on cookies in order to have a functioning website. Only after accepting to turn on the cookies, personal data will be processed. A different option is that the user sets his/her browser to warn him/her with a message for each cookie, only the cookies that have been accepted will be processing personal data. Whilst essential cookies are necessary to run IPID websites, the rest are not compulsory and require your consent.

Following are the broad categories of cookies used on our website:

IPID has relationships with online advertisers and social media networks. These partners use cookies and similar technologies for marketing purposes and may serve you with targeted advertising about IPID services while you are on their website, at our request and only with your consent. You can choose to decline the Third-Party Cookies that enable this type of marketing at any time by not accepting the cookies when visiting IPID websites. We encourage you to learn more about how companies use advertising on social media and how to adjust your marketing preferences by checking their privacy statement and opt out options.

Our performance, functionality and third-Party cookies are not strictly necessary for our website to work but will provide you with a better browsing experience. You can delete or block these cookies, but if you do this, you may have to manually adjust some preferences every time you visit our website and some features of the site may not work as intended. Most internet browsers are initially set up to automatically accept cookies, however you can decide at any time what type of cookies you want to accept. You can change the settings on your browser to block cookies or to alert you when cookies are being sent to your device.

IPID may process your personal data, when it is necessary for the compliance with a legal obligation, e.g. to comply with court order or judicial proceedings.

IPID may process your personal data when there is a weighed and balanced legitimate interest where the processing is needed, and such interest is not overridden by the rights of others, including yours. e.g., to provide the service required, internal documentation, contact customers in relation to the transaction or for customer care initiatives.

In certain scenarios, IPID will process personal data from you only after you have provided your consent for that specific purpose. For example, before sending direct marketing materials to customers and/or potential customers. Such consent can be withdrawn, anytime by the Data subjects.

IPID will process end user’s personal data, collected by the Client/Customer to comply with its contractual obligations. For example: IPID will transfer your personal data to third parties in order to provide the service required by you and in alignment with the terms and conditions of such service. 

In alignment with the purposes established in this privacy statement, IPID may disclose personal data from you to:

Data Sub-Processors: IPID will share personal data with third-party service providers, acting on behalf of IPID (hereinafter Data Sub-Processors) including affiliates of IPID acting as Data Sub-Processors to perform services on IPID behalf, for example: information technology, data hosting, marketing, customer care, fraud prevention, etc. IPID takes reasonable measures to ensure that personal data that is processed by sub- Processors is protected and not used or disclosed for purposes other than as directed by IPID.

Third Party Data Controllers and Joint Controllers: IPID will share personal data with third parties acting independently from IPID but only in connection to the services required by you, for example: any intermediary banks or other financial institutions involved in the transaction of IPID services.

Successors: If IPID is purchased by/sold to a third party, in which case personal data held by IPID including you as our customer will be transferred. We will notify you of this through the most appropriate means.

Relevant Authorities: IPID may disclose your personal data as necessary to meet legal and regulatory requirements. This may include lawful requirements to disclose personal data to government and regulatory authorities, for example, disclosures in compliance with suspicious activity reporting requirements under anti-terrorism, anti-money laundering and similar laws and regulations.

IPID shall ensure that appropriate technical and organisational measures are adopted to protect personal data against unauthorised or unlawful Processing and against accidental loss or destruction of, or damage to, such personal data. In the event of an unauthorised intrusion (including any loss of devices containing personal data or unauthorised disclosures) whether physical, electronic or otherwise, to any personal data held by a data processor, the data processor shall inform the data controller of the incident as soon as reasonably practicable. IPID shall also inform the appropriate regulator or the data protection authority of the incident as soon as reasonably practicable. 

IPID will keep the personal data for so long as is necessary to comply with the record retention applicable laws and as necessary to fulfill it’s obligations to perform the Services. 

IPID shares personal data to regulatory and government organizations, partners and clients. All these transfers are made to fulfill the obligations of its contracts and to comply with laws and regulations. Further, if IPID shares personal data to a third party,  IPID ensures that such third parties have sufficient safeguards for data protection as well as it is bound well through required contractual obligations. Further, IPID does not allow such third parties to use the personal data for their own purposes.

In providing services to its customers, IPID may transfer the personal data collected to destinations outside of the country where the personal data was originally collected, within the IPID group of companies, with third party processors, or with IPID partners. This is because the personal data is processed in those other locations. Where IPID do so, IPID ensure that security measures and appropriate safeguards are put in place to protect the personal data and ensure that all transfers comply with applicable data protection law. IPID also ensures that processing is only carried out in accordance with its instructions.

In all cases where IPID transfers personal data across borders, IPID rely on acceptable and defined legal mechanisms to ensure that IPID protects personal data at all times. IPID may use agreements and adequacy' protections that have been defined by the applicable regulations.

Your rights as data subjects whose personal data is processed by IPID are as follows:

For any details on personal data that IPID possess or processes, you may please write to [email protected]

Any breach of Personal Data should be notified in writing to [email protected] Further, IPID has the responsibility to bring it to the attention of the relevant authority as soon as the breach is identified.

IPID reserves its right to update this Statement at any time. Therefore, you as data subjects should periodically review IPID website to make sure they are aware on the latest version.