In this policy, “NeoPlace”, “we”, “us”, “our” means, collectively, Neocom Technologies Pte Ltd. “You”, “your” or “yours” means the persons to whom this policy applies. The security of your Personal Data is important to us. NeoPlace has in place safeguards to protect the Personal Data stored with us. This policy describes how we may collect, use, disclose, process and manage your Personal Data.
This policy applies to any individual’s Personal Data which is in our possession or under our control.
- What Personal Data we collect
“Personal Data” is data that can be used to identify a natural person. Some examples of Personal Data that we may collect are:
- personal particulars (e.g. name, contact details, residential address, date of birth, identity card/passport details, and/or education details)
- financial details (e.g. income, expenses, and/or credit history);
- images and voice recordings of our conversations with you;
- employment details (e.g. occupation, directorships and other positions held, employment history, salary, and/or benefits);
- tax and insurance information;
- information about your risk profile, investments, investment objectives, knowledge and experience and/or business interests and assets;
- banking information (e.g. account numbers and banking transactions); and/or
- personal opinions made known to us (e.g. feedback or responses to surveys);
- Usage of your Personal Data
We may use your Personal Data for our core business purposes, such as:
- developing and providing facilities, products or services (whether made available by us or through us), including but not limited to:
- transactions and clearing or reporting on these transactions;
- carrying out research, planning and statistical analysis; or
- analytics for the purposes of developing or improving our products, services, security, service quality, and advertising strategies;
- assessing and processing applications, instructions or requests from you or our customers;
- communicating with you, including providing you with updates on changes to products, services and banking facilities (whether made available by us or through us) including any additions, expansions, suspensions and replacements of or to such products, services and banking facilities and their terms and conditions;
- managing our infrastructure and business operations and complying with internal policies and procedures;
- responding to queries or feedback;
- addressing or investigating any complaints, claims or disputes;
- verifying your identity for the purposes of providing facilities, products or services;
- conducting credit checks, screenings or due diligence checks as may be required under applicable law, regulation or directive;
- complying with all applicable laws, regulations, rules, directives, orders, instructions and requests from any local or foreign authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities;
- enforcing obligations owed to us;
- monitoring products and services provided by or made available through us;
- complying with obligations and requirements imposed by us from time to time by any credit bureau or credit information sharing services of which we are a member or subscriber;
- creating and maintaining credit and risk related models;
- financial reporting, regulatory reporting, management reporting, risk management (including monitoring credit exposures), audit and record keeping purposes;
- enabling any actual or proposed assignee or transferee, participant or sub-participant of NeoPlace’s rights or obligations to evaluate any proposed transaction;
- enforcing obligations owed to us; and/or
- seeking professional advice, including legal advice.
We may also use Personal Data for purposes set out in the terms and conditions that govern our relationship with you or our customer. NeoPlace may also collect information on your IP address, your web browser and device, your interactions with NeoPlace’s website as well as your location information (broadly referred to as “usage data”). The collection of such usage data enables us to analyse the use of our website so as to improve your online experience.
- Use of Personal Datafor marketing purposes
We may use your Personal Data to offer you products or services, including special offers, promotions, contests or entitlements that may be of interest to you or for which you may be eligible. Such marketing messages may be sent to you in various modes including but not limited to electronic mail, direct mailers, short message service, telephone calls, facsimile and other mobile messaging services. [In doing so, we will comply with the Personal Data Protection Act of Singapore (PDPA).
In respect of sending telemarketing messages to your telephone number via short message service, telephone calls, facsimile and other mobile messaging services, please be assured that we shall only do so if we have your clear and unambiguous consent in writing or other recorded form to do so or if you have not otherwise made the appropriate registration of that number with the Do Not Call Registry. If we have an ongoing relationship with you and you have not indicated to us that you do not wish to receive telemarketing messages sent to your telephone number, we may send you telemarketing messages to that number related to the subject of our ongoing relationship via short message service, facsimile and other mobile messaging services (other than a voice or video call).
You may at any time request that we stop contacting you for marketing purposes via selected or all modes. To find out more on how you can change the way we use your Personal Data for marketing purposes, please contact us.
Nothing in this section shall vary or supersede the terms and conditions that govern our relationship with you.
- Disclosure and sharing of Personal Data
We may from time to time and in compliance with applicable laws on data privacy, disclose your personal data to any personnel of NeoPlace or to third parties, whether located in Singapore or elsewhere, in order to carry out the purposes set out above. Please be assured that when we disclose your Personal Data to such parties, we require them to ensure that any Personal Data disclosed to them are kept confidential and secure. For more information about the third parties with whom we share your Personal Data, you may, where appropriate, wish to refer to the agreement(s) and/or terms and conditions that govern our relationship with you or our customer. You may also contact us for more information (please see the “How to contact us” section below).
We wish to emphasize that NeoPlace does not sell Personal Data to any third parties and we shall remain fully compliant of any duty or obligation of confidentiality imposed on us under the applicable agreement(s) and/or terms and conditions that govern our relationship with you or our customer or any applicable law. We may transfer, store, process and/or deal with your Personal Data outside Singapore. In doing so, we will comply with the PDPA.
- Access and Correction of Personal Data
As NeoPlace relies on your Personal Data to provide products and services to you, you shall ensure that at all times, the information provided is accurate, complete and up to date. You may review and amend your Personal Data, or withdraw your consent to our use of your Personal Data, at any time by contacting us through any of our Data Protection Officers (as defined below) whose contact details are set out under the section titled, “How to contact us”.
When contacting the Data Protection Officers for assistance, please state (where relevant), your name, address and contact details. Please allow 7 working days for your request to be processed.
If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, we may not be able to provide or continue providing our products and services to you, or administer any contractual relationship already in place. You understand and agree that in such instances where we require your Personal Data to fulfil a contractual obligation to you and you withdraw your consent to collect, use or disclose the relevant Personal Data for those purposes, we cannot be held liable for breach of that agreement. Our legal rights and remedies in such event are expressly reserved.
NeoPlace may charge a fee for processing your request to review and amend your Personnal Data. Such a fee depends on the nature and complexity of your access request. Information on the processing fee will be made available to you.
- Care of Personal Data
NeoPlace will take reasonable steps to protect Personal Data in our possession or under our control and ensure that all sensitive information is securely stored to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. Any data destroyed will also be disposed of in a manner that protects the privacy of Personal Data in an appropriate way.
While every reasonable effort has been made to ensure that all Personal Data will be so protected, NeoPlace cannot be held responsible for any unauthorised use of such Personal Data and risks that are inherent in all online communications as well as arising from any loss of data provided through our website.
NeoPlace shall cease to retain Personal Data as soon as the purpose of collection is no longer served by the retention and when retention is no longer necessary for business or legal purposes.
We cannot guarantee the security of data that you choose to send us electronically. Sending such information is entirely at your own risk.
- Cookies and related technologies
You may set up your web browser to block cookies from monitoring your website visit. You may also remove cookies stored from your computer or mobile device. However, if you do block cookies you may not be able to use certain features and functions of our websites.
- Other websites
- Retention of Personal Data
Your Personal Data is retained as long as the purpose for which it was collected remains and until it is no longer necessary for any other legal or business purposes.
- How to contact us
To contact us on any aspect of this policy or your Personal Data or to provide any feedback that you may have, please visit any of our branches or get in touch with our customer centre officer in the following ways:
We may amend this policy from time to time to ensure that this policy is consistent with any developments to the way NeoPlace uses your Personal Data or any changes to the laws and regulations applicable to NeoPlace. We will make available the updated policy on our website. All communications, transactions and dealings with us shall be subject to the latest version of this policy in force at the time.
Know Your Customer (KYC) &
Anti-Money Laundering (AML) Policy
The purpose of this KYC and AML policy (the “KYC/AML Policy”) is to inform you of how NeoPlace protects itself from involvement in money laundering or suspicious activity. This KYC/AML Policy shall form part of our terms and conditions (the “Agreement”). Each term starting with a capital letter shall have the meaning ascribed to it in the terms of services of the Agreement.
The KYC/AML Policy shall consist in the following:
- Performing an enterprise-wide risk assessment to determine the risk profile of the Company
- Establishing AML policies and procedures
- Implementing internal controls throughout its operations that are designed to mitigate risks of money laundering
- Performing KYC procedures on all users
- Designating a Compliance Officer with full responsibility for the AML Program
- Conducting an annual AML audit
- Providing AML training to all employees
POLICIES AND PROCEDURES
This KYC/AML Policy will be provided to all employees of the Company. Each employee will acknowledge the KYC/AML Policy in writing. All policies and procedures will be reviewed and updated or revised as needed, but no less often than annually.
The Company has developed and implemented internal controls for the purpose of ensuring that all of its operations comply with all AML legal requirements and that all required reports are made on a timely basis.
All of the officers and employees of the Company are required to receive AML training at least annually. New employees will receive appropriate AML training within 30 days of their hire date. Training for all employees will include not only the legal elements of AML laws and regulations but will also cover job specific applications of these laws. Ongoing training will be provided and updated regularly to reflect current developments and changes to laws and regulations.
It is the Company’s policy to ensure that it has reasonably identified each customer who uses the Company’s Platform. Users may be identified using a variety of methods.
NEOPLACE ACCOUNT OPENING PROCEDURES.
Additionally, the Company will, as part of its account-opening process: (i) cross-check the names of users against compliance databases such as the Office of Foreign Assets Control (OFAC) Specially Designated Nationals list and other governmental watch lists; (ii) require users to provide proof of identification; and (iii) not permit any payment above 1,000 Singapore dollars to be made with incomplete account-opening information.
PROOF OF IDENTIFICATION
- Date and place of birth
- Residence address and mailing address if different (PO Box alone will not be acceptable)
- Official issued identification number (e.g., passport number, social security number, employee identification number or individual taxpayer identification number)
- Copy of valid photo identification of the principal(s) involved with the NeoPlace Account (e.g., driver’s license, passport, alien identification card)
Documents used in opening an account relationship must be verified prior to establishing the NeoPlace Account. Verification of identity will require multi-factor authentication, layered security and other controls to ensure a meaningful user identity confirmation process based on NeoPlace Account size or other factors.
The following are examples of verification methods the Company may use:
- Obtaining proof of address, such as a copy of a utility bill or bank statement from the NeoPlace Account holder;
- Comparing the identifying information with information available from a trusted third party source, such as a credit report from a consumer-reporting agency, Veratad, Lexus Nexus Instant ID;
- Analyzing whether there is logical consistency between the identifying information provided, such as the customer’s name, street address, ZIP code, telephone number, date of birth, and social security number (logical verification);
- Utilizing knowledge-based challenge questions;
- Utilizing complex device identification (such as “digital fingerprints” or geo-location checks);
- Obtaining a notarized copy of an individual’s birth certificate for valid identification; or
- When the type of NeoPlace Account increases the risk that the Company will not be able to verify the true identity of the customer through documents is confirmed the NeoPlace Account will be closed.
SUSPICIOUS TRANSACTION AND ACTIVITY REPORTS
The Company will diligently monitor transactions for suspicious activity. Transactions that are unusual will be carefully reviewed to determine if it appears that they make no apparent sense or appear to be for an unlawful purpose. Internal controls will be implemented so that an ongoing monitoring system is in place to detect such activity as it occurs. When such suspicious activity is detected, the Company will determine whether a filing with any law enforcement authority is necessary.
Suspicious activity can include more than just suspected money laundering attempts. Activity may be suspicious, and the Company may wish to make a filing with a law enforcement authority, even if no money is lost as a result of the transaction.
The Company will initially make the decision of whether a transaction is potentially suspicious. Once the Company has finished the review of the transaction details, he or she will consult with the Company’s senior management to make the decision as to whether the transaction meets the definition of suspicious transaction or activity and whether any filings with law enforcement authorities should be filed.
The Company will maintain a copy of the filing as well as all backup documentation. The fact that a filing has been made is confidential. No one, other than those involved in the investigation and reporting should be told of its existence. In no event should the parties involved in the suspicious activity be told of the filing. The Company may inform the Company’s Board of the filing and the underlying transaction.
Reasonable procedures for maintaining records of the information used to verify a person’s name; address and other identifying information are required under this Policy. The following are required steps in the record keeping process:
- The Company is required to maintain a record of identifying information provided by the customer.
- Where the Company relies upon a document to verify identity, the Company must maintain a copy of the document that the Company relied on that clearly evidences the type of document and any identifying information it may contain.
- The Company must also record the methods and result of any additional measures undertaken to verify the identity of the customer.
- The Company must record the resolution of any discrepancy in the identifying information obtained.
- All transaction and identification records will be maintained for a minimum period of five years.
The Company is responsible for directing the annual AML audit of the Company’s operations. The independent audit will be conducted by an independent third party or by Company personnel. The Company will develop corrective action plans for all issues that are raised in the audit and will provide the audit report and all corrective action plans to the Company’s senior management for review. Reports of the corrective action will continue until all are resolved.