1. We at Respiree Pte Ltd (“Respiree”), take your personal data and privacy seriously. This policy explains how we manage your personal data in compliance with Singapore’s Personal Data Protection Act 2012 (“PDPA”).
2. Personal data refers to data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access. Examples of personal data which you may provide to us include your name, billing address, email address, contact number, residential address, internet protocol (IP) address, login data, profile data, username and password, and location data. For the avoidance of doubt, data that has been anonymised by the removal of personally identifiable information shall not be regarded as personal data.
3. This policy applies to all personal data which we may collect from you or your authorised representative through our mobile application, website, web services, online services or software in relation to sensor devices (“Sensors”) provided by Respiree (the “Service”) or from any other form of interaction with you or your authorised representative, or from third parties.
COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA
5. We may collect your personal data in the following ways:
5.1. when you access or use the Service;
5.2. when you create an account on the Service;
5.3. when you subscribe to any of our mailing lists or newsletters;
5.4. when you request or place an order or pre-order for any of our products or services;
5.5. when you make a transaction regarding any of our products or services;
5.6. when you contact us whether through our website’s online form, email, text, phone or any other means;
5.7. when you participate in any promotion, activity, campaign, or survey;
5.8. when you log in to your account or otherwise interact with us via an external service or application;
5.9. when you interact with any of our agents, officers, contractors or employees;
5.10. when we receive personal data from third parties such as vendors, suppliers, business partners or customers;
5.11. when you provide your personal data to us for any other reason.
6. The type of personal data we may collect from you includes the following:
7.1. When you register for an account on the Service, we will ask for your name, email address, physical address, contact numbers (home and mobile number), date of birth, gender, height, weight, medical history, account password, your contact preferences, and information necessary for answering any security questions.
7.2. To help improve your experience or enable certain features of the Service, you may choose to provide us with additional information such as customer experience survey and feedback by email to email@example.com.
7.3. We will collect information about how and where you access and use the Service. Such information may include electronic device information, any discounts applied to your orders, IP addresses, log information, browser type, and preferences, location information, online identifiers to enable cookies and similar technologies. We collect information on your order history including data regarding (i) specific products or services you use or order, and (ii) the time and place of your use or order.
7.4. We will also collect information about how and where you access and use the Sensors. Such information may include the date, time, place where the Sensors are used, utility of the sensors and the results generated by the Sensors. Some of the collected information will be used to better improve and further enhance delivery of our services and products.
7.5. When you visit our website, information is automatically collected by the technology platforms providing the experience. For example, your web browser or mobile device may share certain data with us as those devices interact with our website. This data includes device ID, network access, storage information and battery information, cookies, IP addresses, referrer headers, data identifying your web browser and version, web beacons and events.
7.6. When you apply to work for us, we will collect your contact details, resume, and any other information you elect to provide us. We use these details to evaluate your application and to communicate with you regarding that open role.
9. You should ensure that all personal data submitted to us is complete, accurate, true and correct. Any failure on your part to do so may result in our inability to provide you with the products and services you have requested. We shall have the right to request for documentation and carry out the necessary checks to verify the personal data provided by you as part of our user verification processes or as required under law.
10. Respiree processes your personal data for the following purposes:
10.1. to facilitate your use of the Service;
10.2. to administer your account with us, including account verification (i.e., ensuring that only you or someone you have authorized can access your account and information);
10.3. to provide you with any of our products or services;
10.4. to personalise the provision of our services to you;
10.5. to process your order for any of our products or services;
10.6. to arrange for third parties to help us provide or deliver our products or services to you, including (among other things) storage, tracking or delivery of our products or services;
10.7. to better serve you by matching your preferences or needs with our products or services;
10.8. to communicate with you regarding our website, products, services, campaigns, promotions, and surveys, including changes to our terms and conditions and policies;
10.9. to provide you with information we think you may find useful or which you have requested from us;
10.10. to provide you with information on select third parties’ websites, products, services, programs or events which we think may be of interest to you;
10.11. to respond to your queries or requests or provide customer support;
10.12. to manage our business operations including but not limited to employment and human resource purposes;
10.13. to develop or improve any of the Service or our business, website, products, services, or programs;
10.14. to carry out research, data analysis, or surveys relating to the Service, our business or any of our products or services;
10.15. to investigate or process any wrongdoing, complaints, feedback, enforcement action or legal action in relation to our business or the Service;
10.16. for legal purposes, including obtaining legal advice, managing disputes and risks, complying with any laws, regulations, legal obligations or law enforcement requests;
10.17. to conduct audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.
10.18. to store, host, back up data, including personal data;
10.19. to prevent a threat to life, health or safety, if necessary;
10.20. any other purposes relating to the above purposes.
11. We may disclose or permit the disclosure of your personal data with or transfer your personal data to third parties for the above-mentioned purposes. These third parties, which may be located in or outside your jurisdiction, include but are not limited to: service providers in respect of research and development, data analytics, market or consumer research, marketing, customer service, information technology and website hosting, professional services, packaging, manufacturing, logistics or storage of goods, delivery of goods, and their service providers and related companies.
13. We may share your personal data with a competent public authority, government, law enforcement or regulatory agency as permitted or required by applicable law or regulations.
14. We may share your personal data with any person to whom Respiree proposes to transfer any of its rights and/or duties, including in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock.
15. If we disclose your personal data to these third parties, we endeavour to ensure that the third parties keep your personal data secure from unauthorised access, collection, use, disclosure or processing and retain your personal data only for as long as your personal data is needed to achieve the above-mentioned purposes or in compliance with applicable laws.
17. You should rest assured that we do not sell your personal data to any third party. Our employees and any third parties engaged by us are contractually obligated to protect the privacy and confidentiality of your information.
18. If you have provided to us any third party’s personal data, you shall be deemed to have obtained that party’s consent for the relevant purpose of providing the personal data to us.
19. Additionally, we may disclose your personal data to third parties if we believe that we are required by law to so disclose or that such disclosure is reasonably necessary to protect the rights, property or safety of our customers, the public or us.
REVIEWING AND CHANGING YOUR ACCOUNT INFORMATION; WITHDRAWAL OF CONSENT; ACCESS OR CORRECTIONS
21. You may request:
22.1. access to your personal data held by us;
22.2. correction or deletion of your personal data (but only where it is no longer required for a legitimate business purpose such as completing a transaction);
22.3. that you no longer receive marketing communications;
22.4. that the processing of your personal data is restricted; and/or
22.5. that certain personal data that you have provided to Respiree in a structured, digital form be transmitted to another party, if this is technically feasible.
22. If you would like to request access to, correction or deletion of your personal data, or request that the processing of your personal data be restricted, or opt out of marketing communications, you may (as applicable):
23.1. follow the instructions in the applicable communication;
23.2. email us at firstname.lastname@example.org.
24. If you make a specific request, the request must:
24.1. provide enough information for us to be able to verify you are the person whose personal data we hold or are an authorised representative of that person. We cannot respond to your request unless we can verify your identity or authority to make the request. If possible, this can be done by making the request via your password protected account. If not, we will aim to verify your identity based on personal data we already hold about you. If we need to request further information from you in order to verify your identity, we will only use that personal data for the purposes of identifying you or that you have authorized the request;
24.2. describe your request in enough detail so that we can properly locate the personal data the request relates to. 23. We will respond to your request consistent with applicable law. 24. If your personal data has been provided to us by a third party, you should contact that third party to make such queries, complaints or access and correction requests to us on your behalf.
25. You should note that if you withhold or withdraw your consent to the collection, use or disclosure of your personal data for any purpose, we may not be able to provide or continue providing any of our products and services to you or you may not be able to access certain parts or functions of the website. It is also possible that by doing so, you may breach your contractual obligations to us.
26. If you have any issues, queries, or complaints regarding the processing of your personal data, please contact us at email@example.com.
SECURITY OF YOUR PERSONAL DATA
27. We have implemented technology and policies with the objective of protecting your personal data from unauthorized access and improper use. In particular, we use encryption and apply authentication and verification processes for access to our services, and we regularly test, assess and evaluate the effectiveness of our security measures. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Request” section above.
28. We will retain your personal data for as long as we are required or permitted to by law or as relevant for the purposes for which it was collected. We will cease to retain your personal data, or render anonymous or remove such data which can identify you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal data was collected, and is no longer necessary for any legal or business purpose.
COOKIES AND SIMILAR TECHNOLOGIES