The purpose of this document ("Policy") is to inform you of how True Certificates Limited, a UK company located at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ (“the Firm”), handles Personal Data.
This Policy applies to Personal Data in our possession or under our control, including Personal Data in the possession of service providers and third parties which we have engaged to collect, use, disclose, or process Personal Data for our purposes. By interacting with us, using our websites (any page on the truecertificates.com domain), including https://www.truecertificates.com/ and https://dashboard.truecertificates.com/ (collectively, “Sites”), submitting information to us, or engaging our services, you agree and consent to the Firm, as well as our service providers and third parties appointed by us on your behalf (collectively, "us", "we" or "our") collecting, using and disclosing your Personal Data in the manner set forth in this Policy.
This Policy supplements but does not supersede nor replace any other consents you may have previously provided to the Firm in respect of your Personal Data, and your consents herein are additional to any rights which to the Firm may have at law to collect, use or disclose your Personal Data.
We may from time to time update this Policy. By continuing to interact with us, subject to applicable law, you agree to be bound by the prevailing terms of the Policy as so updated from time to time.
In this Policy, "Personal Data" refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time, but excludes "business contact information".
1. We may collect Personal Data from you in the course of our business, including through your use of our Sites, when you contact or request information from us, when you engage our services or as a result of your relationship with one or more of our staff and clients.
2. Depending on the nature of your interaction with us, the Personal Data that we may collect includes:
(a) Unique identifiers (e.g. full name, National Identification Card number, passport number, personal mobile telephone number, voice of an individual and/or facial image of an individual);
(b) Personal particulars (e.g. nationality, gender, date of birth, marital status, and/or education details);
(c) Employment details (e.g. occupation, directorships and other positions held, employment history, salary, and/or benefits);
(d) Contact information (e.g. residential address, email address and/or telephone number);
(e) Financial information (e.g. account numbers, banking transactions and/or cryptocurrency wallet addresses);
(f) Technical information (e.g. information from your visits to our website or applications or in relation to materials and communications we send to you electronically);
(g) Personal opinions made known to us (e.g. feedback or responses to surveys);
(h) Other information (e.g. photographs and other audio-visual information, website Uniform Resource Locator (URL), free-form text, and/or personal description); and/or
(i) Any other information relating to you which you may provide to us.
3. Generally, the Firm may collect Personal Data in various ways including:
a. in the course of your engaging our services, or your providing documentation or information to us;
b. when you subscribe to any of our online services or communication platforms (including electronic publications, updates, alerts, announcements);
c. when you communicate or interact with us via telephone, letters, fax, face-to-face meetings, our Sites, email or other modes of contact;
d. when you request that you be included in an email or other mailing list;
e. as part of our business acceptance processes and about you and others as necessary in the course of providing our services;
f. while monitoring our technology tools and services, including our Sites and email communications sent to and from us;
g. when you provide information to us, or interact with us directly, for instance engaging with our staff or registering on one of our digital platforms or applications;
h. from other sources, such as keeping the contact details we already hold for you accurate and up to date using publicly available sources;
i. when you submit an employment application or provide documents or information such as your resume, from recruitment agencies and employment references;
j. it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your Personal Data to us (your “authorised representative”) after
i. you (or your authorised representative) have been notified of the purposes for which the data is collected, and
ii. you (or your authorised representative) have provided written consent to the collection and usage of your Personal Data for those purposes;
k. collection and use of Personal Data without consent is permitted or required by the laws;
l. from public information sources, search services and other third parties; and
m. when you submit your Personal Data to us for any other reason.
4. We shall seek your consent before collecting any additional Personal Data and before using your Personal Data for a purpose which has not been notified to you (except where permitted or authorised by written law).
5. If you provide us with any Personal Data relating to a third party, by submitting such Personal Data to us, you also represent to us and must ensure that you have notified the third party of the terms of this Policy and obtained his consent thereto.
6. Regarding to your visits to our Sites, we may automatically collect the following information:
a. Information about your visit to our Sites, including download errors, the full Uniform Resource Locator (URL), length of visits to our Sites, and products added to your shopping cart.
b. Technical information, including browser type and version, the Internet Protocol (IP) address used to connect your computer to the Internet, operating systems, platforms, time zone setting, and browser plug-in types and versions.
c. Cookies and other Tracking Technologies: We may use web beacons (tracking pixels), cookies, and other tracking technologies to collection information about you when you interact with our emails or Sites, including information about your browsing behaviour on our Sites. We use this information to make improvements to our Sites and your experience, to observe features and areas of our Sites that are more popular, understand the effectiveness of campaigns, count visits, and determine whether an email sent by us was opened and if hyperlinks contained in the emailed was clicked. For detailed information on the cookies we use and the purposes for which we use them, please to read our Cookie Policy.
d. Information we obtain from other sources about you may be combined with information we collect about you.
7. Generally, the purposes for which the Firm collects, uses and discloses Personal Data include:
a. providing our services and managing your relationship with us;
b. responding to, processing and handling your queries, feedback and suggestions;
c. performing obligations in the course of or in connection with our provision of the services requested by you;
d. verifying your identity, processing payments as well as managing our administrative and business operations (including the processing, storage, monitoring and backup of data);
e. providing updates and other communications on developments relating to the Firm;
f. to send administrative email notifications e.g. security, support and/or maintenance notices;
g. to improve our services and communications to you as well as the quality of your interaction with our Sites, including auditing and monitoring its use;
h. complying with applicable laws and regulations, codes of practice or guidelines, policies, procedures, regulatory requirements (which may extend to know-your-client and related reviews) and directions issued by relevant authorities;
i. to fulfil our legal, regulatory and risk management obligations, including establishing, exercising or defending legal claims;
j. sending you marketing information about our services including notifying you of our marketing events, initiatives and promotions, lucky draws, membership and rewards schemes, and other promotions;
k. transmitting to any unaffiliated third parties including our third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes;
l. for the purpose of recruitment; and/or
m. any other purpose relating to any of the above.
8. In relation to particular services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.
9. Our Sites may contain links to other sites and resources that are operated or provided by third parties with different privacy practices. We have no control over and do not take any responsibility for these third party websites and their Personal Data handling practices, and you are encouraged to review the Personal Data policies of websites you choose to visit which are linked from our Sites.
10. The use or disclosure by the Firm is necessary to accurately establish or verify the identities of the individuals to a high degree of fidelity. One of our activities is to provide education institutions with the service of issuing tamper-proof transcripts and certificates to their graduates. The education institutions that we may provide this service to have thousands of graduates receiving their transcripts and certificates every year. Such transcripts and certificates, other than containing Personal Data, will also contain other highly confidential information. The result of not verifying the identities of graduates to a high degree of fidelity may lead to the issuance of such highly confidential information to the wrong graduates hence posing a risk of significant personal impact to each affected graduate and significant reputational harm to the affected education institutions. The Firm, having accessed our specific situation, is of the view that, on balance, it is necessary to accurately establish or verify the identity of the individuals, being graduates from education institutions, to a high degree of fidelity.
11. The Firm may disclose your Personal Data in various ways including:
a. where such disclosure is required for performing obligations in the course of or in connection with our provision of the services requested by you;
b. if we believe that your actions are not consistent with our user policies and agreements, or to protect the property, safety, and rights of us or any third party;
c. to technical consultants, vendors, experts or other service providers whether located in Singapore or elsewhere who require access to such information to do work on our behalf;
d. to agents, contractors or third party service providers who provide technology solutions, support, operational or administrative services, such as for our online services, courier services, telecommunications, information technology, payment, payroll processing, training, market research, storage, archival, client support services;
e. in connection with professional indemnity policies, and to our professional advisers including auditors;
f. to any relevant authorities, including professional regulatory bodies and/or law enforcement agencies, whether local or overseas;
g. to the extent necessary to comply with any laws, regulations, rules, directions, guidelines and other similar requirements;
h. where permitted under law, external business and charity partners in relation to the Firm's promotional events and seminars;
i. in connection with, or during negotiations of, any sale, merger of company assets, acquisition or financing of a portion or all of our business to another company or individual;
j. disclose de-identified or aggregated information, which cannot reasonably be used to identify you;
k. at your direction or with your consent; and
l. any other party to whom you authorise us to disclose your Personal Data.
12. The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
13. You further understand, acknowledge and agree that where you have engaged us to carry out any work in any jurisdictions outside Singapore, the transfer of your Personal Data records to these jurisdictions may be necessary to give effect to your instructions and that you request and consent to our so transmitting your, Personal Data outside Singapore. Personal Data may therefore be exported to, processed and accessed in countries whose laws provide a different level of protection, which may not necessarily be comparable to that provided in Singapore.
14. The consent that you provide for the collection, use and disclosure of your Personal Data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your Personal Data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
15. While we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing or via email to our Data Protection Officer at the contact details provided below.
16. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose Personal Data where such collection, use and disclose without consent is permitted or required under applicable laws.
17. To safeguard your Personal Data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of Personal Data by us, and disclosing Personal Data both internally and to our authorised third party service providers and agents only on a need-to-know basis.
18. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
19. We generally rely on Personal Data provided by you (or your authorised representative). In order to ensure that your Personal Data is current, complete and accurate, please update us if there are changes to your Personal Data by informing our Data Protection Officer in writing or via email at the contact details provided below.
20. We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
21. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
22. Transfer of Personal Data to countries outside of your home country may be done. This includes data transfers to our KYC partners.
23. Personal Data transferred continues to receive a standard of protection.
24. If you:
a. have any questions or feedback relating to your Personal Data or our Policy;
b. would like to withdraw your consent to any use of your Personal Data as set out in this Policy;
c. wish to make an access request for access to a copy of the Personal Data which we hold about you or information about the ways in which we use or disclose your Personal Data; or
d. wish to make a correction request to correct or update any of your Personal Data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
25. If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, we may not be in a position to continue to provide our services to you.
26. Without prejudice to the foregoing, by accessing and using our Sites in any way (including without limitation using any documents, data, reports, automated templates or any other materials, or accessing any software programs, database systems or portals made available or enabled via the site), you represent and warrant that you have read, understand and consent to the collection, use and disclosure of your Personal Data as set out above.
27. You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:
DPO Name: Privacy and Data Officer
Email: enquiry@truecertificates.io
28. This Policy applies in conjunction with any other policies, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your Personal Data by us.
29. We may revise this Policy from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.
TRIAL OFFER - Register now for a no obligation demo and long trial offering (free of charge)
