Thank you for visiting the ByteHouse website (" Website ").
- This Policy sets out the basis on which we will collect, use, disclose, transfer and/or process your personal data in connection with your use of our Website, Platform and/or Services.
- Certain personal data is collected by us in order to provide you with access to certain functions on the Website, Platform and/or Services.
- This Policy applies to BytePlus Platform and/or Website and all its pages.
- This Policy does not apply to any end-user personal data that we process as a processor on behalf of our business customers in connection with their use of the Services.
Please note that Jurisdiction Specific Supplemental Terms may apply depending on the jurisdiction from which you are accessing or using the Website, Platform and/or Services.
1. What is personal data?
1.1. In this Policy, " personal data " means any information, whether true or not (including for the avoidance of doubt opinions), which directly or indirectly identifies, or which relates to a living individual.
2. Personal data we collect from you
2.1. When you create an account ("Account"), we may process personal data you provide to enable you to access the Website or Platform and use the Services and/or upload content to the Platform, or personal data provided to us by you in accordance with our request. We may also collect personal data from you through automated means when you access the Website, the Platform or use the Services.
2.2. The personal data about you that we may collect include:
(a) Profile information : When you register an Account in order to access the Platform and use the Services on behalf of your organization, you may provide us with personal data such as your username and password, as well as name (and/or nickname, if applicable), avatar, phone number, email address, country/region, and work designation. We may collect such personal data in order to complete your Account registration.
When you complete your Account registration and login to the Platform, you will also need to provide us with your mobile phone number so that we can send you an SMS verification code in order to verify your identity before you can access or use the Services.
If you only browse our Website, you do not need to register an Account and provide us with the above profile information. However you can always provide contact information for us to contact you.
(b) Equipment information and log information :To ensure the safe operation of the Website, Platform and Services and optimize your user experience, we may collect information such as your IP address, operating system, browser type and version number, operation, use, and service logs (including logs of your operations on the account such login/logout, password changing and etc). We may use your device information, service log information to protect your Account, authenticate user identity, and to detect and prevent security incidents.
(c) User behavior data : We may collect user behavior data in the course of your use of the Website, Platform and/or Services in order to analyze, customize and/or improve our service offerings and overall user experience.
(d) Marketing data :When you participate in marketing activities organized by us, our affiliates or third parties, you may be required to provide personal data such as your name, correspondence address, and contact details. If you refuse to provide such information, your ability to participate in the activities may be affected, but this will not affect your use of other functions.
(e) Payment information: including payment card numbers or other third-party payment information (such as PayPal) where required for the purpose of payment.
(f) Personal data which we are required to collect by laws: In addition, we may also collect information about you which we are required by applicable laws or regulations.
3. How we use the personal data collected from you
3.1. We may use, process and/or disclose personal data collected from you for any or all of the following purposes:
(a) verifying your identity;
(b) performing obligations in the course of or in connection with our administration, operation, provision of the Website, Platform and/or our provision of Services to your organization;
(c) responding to, handling and processing queries, requests, applications, complaints and feedbacks from you (or purported to be given by you);
(d) notifying you of changes to the Website, Platform or Services, updates to our agreements, terms or policies, or providing you with updates related to your access to the Website and Platform and use of Services in general;
(e) providing you with user support;
(f) personalizing the content you receive and providing you with tailored content that will be of interest to you, or improving your user experience;
(g) managing your Account/relationship with us;
(h) processing payment or credit transactions, including allowing you to redeem rewards from your participation in marketing activities;
(i) carrying out marketing activities;
(j) carrying out diagnostics, data analysis and testing the Website, Platform and/or Services to ensure their stability and security;
(k) improving the Website, Platform and our Services and products, including adding new features or capabilities;
(l) conducting customer due diligence and personal identification in accordance with laws, regulations and policies including our internal policies;
(m) detecting and combating any abuse of the Website, Platform and/or Services or conduct of any harmful activity, fraud, spam, and illegal activity on the Platform;
(n) complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
(o) fulfilling any other purposes for which you have provided the personal data;
(p) transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, for the aforementioned purposes; and
(q) fulfilling any other incidental business purposes related to or in connection with the above.
3.2. Changes to the purpose of using your personal data
(a) As our business develops, there may be adjustments and changes in the functions of our Website, Platform and/or Services provided by us. Generally, when we deploy a new function or adjust an existing function, the collection, use, disclosure and processing of your personal data will be directly or reasonably connected to the original purpose.
(b) We will update this Policy with any new uses or processing of your personal data that have no direct or reasonable connection with the purposes outlined above.
4. How we share personal data collected from you
4.1. We may share personal data collected from you with the following third parties (which may be located in or outside of Singapore):
(a) Affiliates, Service Providers and Business Partners : We may share personal data collected from you with our other members, subsidiaries or affiliates of our corporate group, with our third party service providers and our business partners who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Website, Platform and/or Services) or who otherwise process personal data for purposes that are described in this Policy (such as marketing activities) or notified to you when we collect your personal data.
(b) Law Enforcement : We may share your personal data with law enforcement agencies, public authorities or other organizations if legally required to do so, or if such use is reasonably necessary to:
(i) comply with legal obligation, process or request;
(ii) enforce our Website Terms of Service and other agreements, policies and standards, including investigation of any potential violation thereof;
(iii) detect, prevent or otherwise address security, fraud or technical issues; or
(iv) protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (including exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction).
(c) Potential Buyers/Business Asset Transaction : In the event that we discuss or negotiate the sale of any business or assets (whether a result of merger and acquisition activity, liquidation, bankruptcy or otherwise), we may disclose your personal data to the prospective buyer of such business or assets. If we sell, buy, merge with, are acquired by, or partner with other companies or businesses, or sell some or all of our assets, your personal data may be among the transferred assets.
5. How we store personal data collected from you
5.1. In accordance with the applicable laws and regulations, we store personal data collected from youin multiple jurisdictions, including the United States and Singapore.Whenever we transfer personal data to other jurisdictions, we will ensure that such personal data is transferred in accordance with this Policy and as permitted by applicable data protection laws.
5.2. We will retain your personal data for the length of time needed to fulfill the purposes for which such personal data was collected from you, for example, for such time as is necessary to provide you with the Services, to comply with applicable legal, tax or accounting requirements, for our ongoing product improvement purposes or other legitimate business purposes. Beyond such period, we will delete or anonymize your personal data, unless otherwise required by applicable laws or regulations.
6.Your rights to personal data collected from you
We attach great importance to your right to manage your own personal data and shall protect your rights to access, amend and delete your personal data, in accordance with your legal rights.
6.1. Accessing and controlling your personal data
(a) You may also inform us of changes to your personal data, request for access to, correction, restriction of processing and/or deletion of your personal data currently in our possession, or withdraw your consent for the collection, use and/or disclosure of your personal data by us at any time by submitting your request to [email protected]
(b) We will process your request in accordance with applicable laws.
(c) While we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue the provision of services to you and we shall, in such circumstances, notify you before completing the processing of your request.
7.Cessation of operations
7.1. If we stop operating, we will cease collecting your personal data in a timely manner, notify you of the cessation of our operations in the form of individual notice or public announcement, and delete or anonymize your personal data in our possession or under our control pursuant to this Policy.
8.1. Our Website, Platform and Services are intended for use and sale on a business to business basis and are not aimed at or suitable for use or purchase by anyone below the age of 18 years or the age of majority in your jurisdiction. If you are below 18 years of age or the age of majority in your country, you must not use the Website, Platform or Services.
9.1. This Policy may be updated by us from time to time to reflect changes to applicable laws, regulations, standards, industry codes or other instruments of a similar nature, or to reflect changes, updates or new features to the Website, Platform or Services. We will use commercially reasonable efforts to generally notify all users of any material changes to this Policy, consistent with the significance of the changes. We will obtain your consent to any changes if and where this is required by applicable data protection laws. However, you should look at this Policy regularly to check for such changes.
9.2. We will also update the "Last Updated" date at the top of this Policy, which shall reflect the effective date of such updated Policy.
10.1. If you have any questions on the protection of your personal data or any concerns, queries, comments or suggestions to this Policy, you can contact us at [email protected] We will endeavor to provide timely feedback on your complaints and reports after verifying your user identity.
10.2. If you are based in the United Kingdom, our designated GDPR representative is:
Cosmo Technology Private Limited
2 Temple Back East, Temple Quay
Bristol, United Kingdom,BS1 6EG
10.3. If you are based in the European Region (other than the United Kingdom), our designated GDPR representative is:
Mikros Information Technology Ireland Limited
Mespil Business Centre, Mespil House, Sussex Road
Dublin 4, Ireland
11. Jurisdiction Specific Supplemental Terms
EEA and UK
If you are using our Website, Platform or Services as a resident of European Economic Area or the United Kingdom, the following additional terms will apply.
1. Legal Basis for Processing
1.1. Our legal basis for collecting and using the personal data described above will dependon the personal data concerned and the specific context in which we collect it.
1.2. However, we will normally collect personal data from you only (i) where we need the personal data to perform a contract with you (i.e., to provide you with the Services), (ii) where the processing is in our legitimate interests or those of a third party (such as your employer to whom the Services are provided) and not overridden by your rights, or (iii) where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal data from you or may otherwise need the personal data to protect your vital interests or those of another person.
1.3. If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data).
1.4. If we collect and use your personal data in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate, improve and ensure the security and functioning of our Website, Platform and Services, communicating with you as necessary to provide our Services to you, undertaking marketing activities or for the purposes of detecting or preventing illegal activities. We may have other legitimate interests and if appropriate, we will make clear to you at the relevant time what those legitimate interests are.
2. International Transfers
2.1. Your personal data may be transferred to, and processed in, countries other than the country in which you are resident.
2.2. Specifically, our servers are located in Singapore, and our affiliates, business partners and service providers operate around the world. This means that when we collect your personal data we may process it in any of these countries.
2.3. However, we have taken appropriate safeguards to require that your personal data will remain protected in accordance with this Policy. These include implementing the European Commission's Standard Contractual Clauses for transfers of personal data between affiliates, which require all group companies to protect personal data they process from the EEA and/or UK in accordance with European Union or UK data protection law. We have implemented similar appropriate safeguards with our service providers and business partners and further details can be provided upon request.
3. Your Rights
3.1. You have the following data protection rights:
·If you wish to access, correct, update or request deletion of your personal data, you can do so by contacting us using the details provided in the "Contacting us" section above.
·You can object to our processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data. You can exercise these rights by contacting us using the details provided in the "Contacting us" section above.
·You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing e-mails we send you or by contacting us using the details provided in the "Contacting us" section above.
·If we have collected and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
·You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority.
3.2. You can exercise these rights at any time by contacting [email protected]
3.3. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
4. Data Controller
4.1. The data controller of your information is BytePlus Pte. Ltd. For information about our EU representative, please contact [email protected]
If you are using our Website, Platform and/or Services in Indonesia, the following additional terms will apply. In the event of any conflict between the following additional terms and the provisions of the main body of this Policy, the following terms shall prevail.
If you are using our Services in Indonesia, we will collect, use, disclose and/or process your personal data in accordance with our obligations under the applicable laws in Indonesia relating to the protection of personal data, including: Law No. 11 of 2008 on Electronic Information and Transactions, as amended by Law No. 19 of 2016 (" EIT Law "); Government Regulation No. 71 of 2019 on Management of Electronic Systems and Transactions (" GR 71 "); and Regulation of Minister of Communication and Informatics No. 20 of 2016 on Personal Data Protection in Electronic Systems (" MOCIT Regulation 20 "), collectively, the " Indonesian Personal Data Protection Regulations ".
1. Storage of your personal data
Your personal data will be stored in encrypted form.
We will retain your personal data for at least 5 (five) years following your termination of your Account or such other period as required under the Indonesian Personal Data Protection Regulations.
We may store your personal data outside of the jurisdiction of Indonesia in which our servers or third party cloud servers cooperating with us are located.
2. Transfer of your personal data
Please ensure that you comply with required standards under prevailing Indonesian Personal Data Protection Regulations when transferring your personal data to us.
3. Data breach notification
In circumstances where we become aware of any occurrence of failure relating to your personal data that is under our control (including if there is any incident relating to encrypted data sent to us which becomes readable), we will notify you in writing within 14 (fourteen) days of acquiring knowledge of such failure. Upon sending such notification to you, we will seek your confirmation regarding whether such data protection failure possesses the potential for damages/loss to be suffered by you.
4. Terminating your Account
After your Account is terminated, we will retain your personal data for the period mentioned at paragraph 1.2above. If such retention period has lapsed, we will delete or anonymize your personal data in our possession or under our control pursuant to this Policy.
5. Restriction on the basis of age
By having opened an Account, you represent that you are at least 21 years of age or married or not under guardianship. If you are below 21 years old and you are not married, the Account must be opened under the name of your parent(s) or guardian(s). Further, you represent and warrant that you have obtained consent from your parent(s) or legal guardian(s) unless you indicate otherwise. By consenting, your parent(s) or legal guardian(s) are agreeing to take responsibility for: (i) all your actions in connection with your access to the Platform and/or Services; (ii) any fees or charges associated with your use of any of the Services (as applicable); (iii) your compliance with this Policy; and (iv) ensuring that any action related to your Account will not, in any event, result in any violation of applicable laws and regulations relating to child protections. If you do not have consent from your parent(s) or legal guardian(s) and your parent(s) or guardian(s) is not willing to open the Account under their name, you must cease accessing using our Services.
Updated almost 2 years ago