1.1 Welcome to the GotSurge website (individually and collectively, “GotSurge”, “we”, “us” or “our”). GotSurge takes its responsibilities under applicable privacy laws and regulations (“Privacy Laws”) seriously and is committed to respecting the privacy rights and concerns of all users of our GotSurge website (the “Site”) (we refer to the Site and the services we provide as described in our Site collectively as the “Services”). We recognize the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data. This Privacy Policy (“Privacy Policy” or “Policy”) is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us and/or possess about you, whether now or in the future, as well as to assist you in making an informed decision before providing us with any of your personal data. Please read this Privacy Policy carefully. If you have any questions regarding this information or our privacy practices, please see the section entitled “Questions, Concerns or Complaints? Contact Us” at the end of this Privacy Policy.
1.2 “Personal Data” or “personal data” means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. Common examples of personal data could include name, identification number and contact information.
1.3 By using the Services, registering for an account with us, visiting our website, or accessing the Services, you acknowledge and agree that you accept the practices, requirements, and/or policies outlined in this Privacy Policy, and you hereby consent to us collecting, using, disclosing and/or processing your personal data as described herein. IF YOU DO NOT CONSENT TO THE PROCESSING OF YOUR PERSONAL DATA AS DESCRIBED IN THIS PRIVACY POLICY, PLEASE DO NOT USE OUR SERVICES OR ACCESS OUR WEBSITE. If we change our Privacy Policy, we will post those changes or the amended Privacy Policy on our website or via e-mail. We reserve the right to amend this Privacy Policy at any time.
2.1 We will/may collect personal data about you:
when you register and/or use our Services or Site, or open an account with us;
The above does not purport to be exhaustive and sets out some common instances of when personal data about you may be collected.
2.2 When you visit, use or interact with the Site or our mobile applications, we may collect certain information by automated or passive means using a variety of technologies, which technologies may be downloaded to your device and may set or modify settings on your device. The information we collect may include, without limitation, your Internet Protocol (IP) address, computer/mobile device operating system and browser type, type of mobile device, the characteristics of the mobile device, the unique device identifier (UDID) or mobile equipment identifier (MEID) for your mobile device, the address of a referring web site (if any), and the pages you visit on our website and mobile applications and the times of visit. We may collect, use disclose and/or process this information only for the Purposes (defined below).
2.3 Our mobile applications may collect precise information about the location of your mobile device using technologies such as GPS, Wi-Fi, etc.. We collect, use, disclose and/or process this information for one or more Purposes including, without limitation, location-based services that you request or to deliver relevant content to you based on your location or to allow you to share your location to other users as part of the services under our mobile applications. For most mobile devices, you are able to withdraw your permission for us to acquire this information on your location through your device settings. If you have questions about how to disable your mobile device’s location services, please contact your mobile device service provider or the device manufacturer.
3.1 The personal data that GotSurge may collect includes but is not limited to:
any other information about the user when the user signs up to use our Services or website, and when the user uses the Services or website, as well as information related to how the user uses our Services or website; aggregate data on content the user engages with.
3.2 If you do not want us to collect the aforementioned information/personal data, you may opt out at any time by notifying our Data Protection Officer in writing about it. Further information on opting out can be found in the section below entitled “How can you opt-out, remove, request access to or modify information you have provided to us?”. Note, however, that opting out of us collecting your personal data or withdrawing your consent for us to collect, use or process your personal data may affect your use of the Services. For example, opting out of the collection of location information will cause its location-based features to be disabled.
4.1 In order to use certain functionalities of the Services, you will have to create a user account which requires you to submit certain personal data. When you register and create an account, we require you to provide us with your name and email address as well as a user name that you select. We also ask for certain information about yourself such as your age, birthdate, telephone number, and email address. Upon activating an account, you will select a user name and password. Your user name and password will be used so you can securely access and maintain your account.
5.1 As with most websites, your computer sends information which may include personal data about you that gets logged by a web server when you browse our Site. This typically includes without limitation your computer’s IP address, operating system, browser name/version, the referring web page, requested page, date/time, and sometimes a “cookie” (which can be disabled using your browser preferences) to help the site remember your last visit. If you are logged in, this information is associated with your personal account. The information is also included in anonymous statistics to allow us to understand how visitors use our site.
6.1 As with browsing web pages, when you watch content or download images or other documents on our Site or through the Services, most of the same information is sent to us (including, without limitation, IP Address, operating system, etc.); but, instead of page views, your computer sends us information on the content, images or documents viewed by the Services and the website and time.
7.1 We provide customer service support through email and feedback forms. In order to provide customer support, we will ask for your email address. Aside from this information, we do not ask for any personal data to provide customer support. We only use information received from customer support requests, including, without limitation, email addresses, for customer support services and we do not transfer to or share this information with any third parties.
8.1 From time-to-time, we may request information from users via surveys. Participation in these surveys is completely voluntary and you therefore have a choice whether or not to disclose your information to us. Information requested may include, without limitation, contact information (such as your email address), and demographic information (such as interests or age level). Survey information will be used for the purposes of monitoring or improving the use and satisfaction of the Services and will not be transferred to third parties, other than our contractors who help us to administer or act upon the survey.
9.1 We may collect, use, disclose and/or process your personal data for one or more of the following purposes:
(collectively, the “Purposes”).
9.2 As the purposes for which we will/may collect, use, disclose or process your personal data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by the Privacy Laws.
10.1 Our Services enable users to share personal information with each other, in almost all occasions without GotSurge’s involvement, to complete transactions. In a typical transaction, users may have access to each other’s name, User ID, email address and other contact and postage information. Our Terms of Service require that users in possession of another user’s personal data (the “Receiving Party”) must (i) comply with all applicable Privacy Laws; (ii) allow the other user (the “Disclosing Party”) to remove him/herself from the Receiving Party’s database; and (iii) allow the Disclosing Party to review what information have been collected about them by the Receiving Party.
11.1 We implement a variety of security measures to ensure the security of your personal data on our systems. User personal data is contained behind secured networks and is only accessible by a limited number of employees who have special access rights to such systems. We will retain personal data in accordance with the Privacy Laws and/or other applicable laws. That is, we will destroy or anonymize your personal data as soon as it is reasonable to assume that (i) the purpose for which that personal data was collected is no longer being served by the retention of such personal data; and (ii) retention is no longer necessary for any legal or business purposes. If you cease using the Site, or your permission to use the Site and/or the Services is terminated, we may continue storing, using and/or disclosing your personal data in accordance with this Privacy Policy and our obligations under the Privacy Laws. Subject to applicable law, we may securely dispose of your personal data without prior notice to you.
12.1 In conducting our business, we will/may need to disclose your personal data to our third party service providers, agents and/or our affiliates or related corporations, and/or other third parties, whether sited in Singapore or outside of Singapore, for one or more of the above-stated Purposes. Such third party service providers, agents and/or affiliates or related corporations and/or other third parties would be processing your personal data either on our behalf or otherwise, for one or more of the above-stated Purposes. Such third parties include, without limitation:
12.2 For the avoidance of doubt, in the event that Privacy Laws or other applicable laws permit an organisation such as us to collect, use or disclose your personal data without your consent, such permission granted by the laws shall continue to apply.
12.3 Third parties may unlawfully intercept or access personal data transmitted to or contained on the site, technologies may malfunction or not work as anticipated, or someone might access, abuse or misuse information through no fault of ours. We will nevertheless deploy reasonable security arrangements to protect your personal data as required by the Privacy Laws; however there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.
13.1 The Services are not intended for children under the age of 10. We do not knowingly collect or maintain any personal data or non-personally-identifiable information from anyone under the age of 10 nor is any part of our Site or other Services directed to children under the age of 10. We will close any accounts used exclusively by such children and will remove and/or delete any personal data we believe was submitted by any child under the age of 10.
14.1 Our Site uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies, which are text files placed on your computer, to help the website analyse how users use the Site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
15.1 WE DO NOT GUARANTEE THE SECURITY OF PERSONAL DATA AND/OR OTHER INFORMATION THAT YOU PROVIDE ON THIRD PARTY SITES. We do implement a variety of security measures to maintain the safety of your personal data that is in our possession or under our control. Your personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the personal data confidential. When you place orders or access your personal data, we offer the use of a secure server. All personal data or sensitive information you supply is encrypted into our databases to be only accessed as stated above.
15.2 In an attempt to provide you with increased value, we may choose various third party websites to link to, and frame within, the Site. We may also participate in co-branding and other relationships to offer e-commerce and other services and features to our visitors. These linked sites have separate and independent privacy policies as well as security arrangements. Even if the third party is affiliated with us, we have no control over these linked sites, each of which has separate privacy and data collection practices independent of us. Data collected by our co-brand partners or third party web sites (even if offered on or through our Site) may not be received by us.
15.3 We therefore have no responsibility or liability for the content, security arrangements (or lack thereof) and activities of these linked sites. These linked sites are only for your convenience and you therefore access them at your own risk. Nonetheless, we seek to protect the integrity of our Site and the links placed upon each of them and therefore welcome any feedback about these linked sites (including, without limitation, if a specific link does not work).
16.1 Your personal data and/or information may be transferred to, stored or processed outside of your country. In most cases, your personal data will be processed in Singapore, where our servers are located and our central database is operated. GotSurge will only transfer your information overseas in accordance with Privacy Laws.
17.1.1 To modify your email subscriptions, please let us know by sending an email to our Personal Data Protection Officer at the address listed below. Please note that due to email production schedules, you may still receive emails that are already in production.
17.1.2 You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control by sending an email to our Personal Data Protection Officer at the email address listed below in Section 18.2.
17.1.3 Once we have your clear withdrawal instructions and verified your identity, we will process your request for withdrawal of consent, and will thereafter not collect, use and/or disclose your personal data in the manner stated in your request. If we are unable to verify your identity or understand your instructions, we will liaise with you to understand your request.
17.1.4 However, your withdrawal of consent could result in certain legal consequences arising from such withdrawal. In this regard, depending on the extent of your withdrawal of consent for us to process your personal data, it may mean that we will not be able to continue providing the Services to you, we may need to terminate your existing relationship and/or the contract you have with us, etc., as the case may be, which we will inform you of.
17.2.1 If you have an account with us, you may personally access and/or correct your personal data currently in our possession or control through the Account Settings page on the Site. If you do not have an account with us, you may request to access and/or correct your personal data currently in our possession or control by submitting a written request to us. We will need enough information from you in order to ascertain your identity as well as the nature of your request so as to be able to deal with your request. Hence, please submit your written request by sending an email to our Personal Data Protection Officer at the email address listed below in Section 18.2.
17.2.2 For a request to access personal data, once we have sufficient information from you to deal with the request, we will seek to provide you with the relevant personal data within 30 days (or, if you are resident in Malaysia, 21 days). Where we are unable to respond to you within the said 30 days (or, if you are resident in Malaysia, 21 days), we will notify you of the soonest possible time within which we can provide you with the information requested. Note that Privacy Laws may exempt certain types of personal data from being subject to your access request.
17.2.3 For a request to correct personal data, once we have sufficient information from you to deal with the request, we will:
17.2.4 Notwithstanding sub-paragraph (b) immediately above, we may, if you so request, send the corrected personal data only to specific organisations to which the personal data was disclosed by us within a year before the date the correction was made.
17.2.5 We will/may also be charging you a reasonable fee for the handling and processing of your requests to access your personal data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your access request unless you have agreed to pay the fee.
17.2.6 We reserve the right to refuse to correct your personal data in accordance with the provisions as set out in Privacy Laws, where they require and/or entitle an organisation to refuse to correct personal data in stated circumstances.
18.1 If you have any questions or concerns about our privacy practices or your dealings with the Services, or wish to contact our Personal Data Protection Officer, please do not hesitate to contact: hello [at] gotsurge.co.