Privacy Policy

Effective on: March 16, 2021

We, Tongdun International Pte. Ltd (“TD”, “we”, “our”, or “us”) provide online merchants (“Merchant”) a service that helps them prevent and detect fraudulent online transactions (“TD Antifraud”, or “Services”). Such Merchants may be very much the ones you (normally refers to “data subject”, or Merchant’s customers) are now placing an order on. Merchants integrate our TD Antifraud on their e-Commerce websites (and mobile apps, if applicable) where customers like you place orders (“e-Commerce Platform”). This enables us to collect personal data from you.

We take the protection of your personally identifiable information very seriously. This Privacy Policy (“Policy”) explains the privacy practices for our TD Antifraud. It describes how we collect personal information, uses it and share it, and the rights and options available to you to your information. This Privacy Policy forms part of the Terms of Service &Conditions. Please note that this Policy does not cover the practices or policies of Merchants, the e-Commerce Platform, or other parties.

You are not obligated by law to provide us with your personal data, but the e-Commerce Platform may require that you provide us your personal data for it to be able to consider or process the order you place. By using this Site, you consent to the terms of our Privacy Policy and to our collection, use, retention, disclosure and processing of personal information for the purposes as discussed in this Policy. We encourage you to periodically review this page for the latest information on our privacy practices. If you do not agree to this Policy, please do not use our Site, Products or Services.

SUMMARY

The following are the key points of the Privacy Policy. They are listed only for your convenience, and do not substitute the full Policy.

• Your information is processed under your consent or the legitimate interests of the Merchant and of TD.
• We use the information first and foremost to analyze whether the transaction is fraudulent.
• We share your information mainly to operate the TD Antifraud service. For that purpose, we may combine it with information from publicly available data sources or contract with third parties for cross-referencing.
• The Merchant may use TD’s fraud assessment to decide whether to accept or decline your order based solely on automated processing.
• You may request access to your personal information or to have us update, correct, or delete such information, if the law provides you those rights.
• We may store and process information outside the country where you are located.
• We retain the personal data we collect only for as long as needed to comply with our obligations under this Policy.

DATA COLLECTION

Transaction Data. When you place an order with an e-Commerce Platform, we collect various data regarding your transaction such as your name, email, mobile numbers, shipping information, and your additional registration information (if applicable). We also collect the least information about your payment and billing methods but do not collect or keep your full credit card numbers. Meanwhile, through our technical means of investigation, we may discover the data based on public IP address, and transaction information.

Device data. We collect information about the personal computers you use to access the e-Commerce Platform including its models, its operating systems, unique device identifiers, browser types, mobile network information, and the Internet Protocol (IP) addresses through which you accessed the e-Commerce Platform.

Behavior data. We collect the content of your clipboard, and the behavior information such as typing words, dragging items, removing the items from cart, paying fee, login or logout an account, registering an account, sharing an URL, commenting and reviewing, adding items to wish-list, or presenting search query.

Analytical data. We collect analytical data about your use of the e-Commerce Platform. For example, we collect the frequency of your access to the e-Commerce Platform as well as the pages and items on the e-Commerce Platform that you viewed or interacted with.

Publicly available information. Any information, video, image, data, text, documents, or other content posted at your direction onto a public area of the e-Commerce Platform or our Website, becomes publicly published content, even if such content contains Personal Information.

Inquiries. If you contact us with questions or complaints, we will collect the information related to your inquiry and verify your identity. This may include your name, email address, postal address, telephone number and other contact information, depending on the nature of your inquiry.

USE OF COLLECTED INFORMATION

We, as the data processor, process your personal data under your consent or the legitimate interests or the legitimate directions of the Merchant, while the Merchant is the data controller. You may withdraw consent at any time, without affecting the lawfulness of data processing we carried out based on your consent before such withdrawal.

When you place an order on an e-Commerce Platform. We review the aggregate data of your activities across all the e-Commerce Platforms of our Merchants as well as any other data collected. We use this data to provide the e-Commerce Platform a fraud analysis indicating whether or not the order is, in our assessment, a fraudulent online transaction. It is then up to the e-Commerce Platform at its discretion, not us, to accept and process your order or to decline it.

We also use the information we collect for the following purposes:

• Improving and enhancing TD Antifraud and developing new services;
• Statistical analysis of customers’ activities;
• Handling complaints;
• Enforcing this Policy and preventing misuse of the TD Antifraud;
• Taking any action in any case of a dispute involving you, with respect or in relation to TD Antifraud; and
• Any other action that may be mandated by law or undertaken to protect our legal rights and property and those of third parties.

We will not engage in what is known as “automated decision-making,” which involves making decisions with legal or similarly significant effects solely based on automated processing of personal information, unless you explicitly consented to the processing, the processing is necessary for entering into, or to perform a contract, or when authorized by applicable laws.

SHARING INFORMATION COLLECTED

We may share the information outlined in this Policy with others, in the following instances:

• To help us provide TD Antifraud services, we may share information with our contractors and service providers. In providing them with your Personal Data, we require that these third parties maintain at least the same level of data protection that we maintain for your Personal Data.
• We may share limited elements of the personal data we collect with several third parties and operators of online publicly available data sources (such as online search engines, online mapping services, etc.). We do this to cross-reference, verify, and enhance the accuracy of the data we collect. Those data sources may use the data we share with them for their own purposes, in accordance with their own policies. You may turn to read their privacy policies for more detail.
• On rare occasions, we may share limited elements of your personal data with the Merchant with whom the transaction was made for review or audit purposes.
• Your personal data may be shared with third parties if we believe it is required by law or legitimate legal rights. For this case, we may not be able to ensure that such recipients of your Personal Data will maintain the privacy or security of your personal data.
• We may share information if the operation of the TD Antifraud service is organized within a different framework or through another legal structure or entity (i.e. due to a merger or acquisition).
• We may share personally identifiable information with our corporate group entities (such as affiliates) but their use of such information must comply with the Policy.

Several of these contracts, service providers, or data sources etc., maybe companies operating in countries outside your local territory or the European Economic Area, in legal environments that may not be adequate by your local territory or EU data protection standards. You may opt-out of having your personal data shared with those third parties. However, opting out may prevent us from providing TD Antifraud services and, as a result, use the e-Commerce Platform.

AUTOMATED DECISION MAKING

The e-Commerce Platform may, in its own discretion, use TD’s fraud assessment to decide on whether to accept or decline your order based solely on automated processing. Please direct inquiries concerning the decision about your order to the e-Commerce Platform.

UPDATING, OBTAINING A COPY OR DELETING YOUR PERSONAL INFORMATION

If the law grants you such rights, you may ask to access, correct, or delete your personal information that is stored in our systems. You may also ask for our confirmation as to whether or not we process your personal data. Under certain circumstances, you may have a right to restrict or object to the processing of your personal data.

Subject to the limitations in law, you may request that we update, correct, or delete inaccurate or outdated information. You may also request that we suspend the use of any personal data whose accuracy you contest while we verify the status of that data.

If you wish to exercise any of these rights, contact us at: [corp@tongdun.net]. When handling these requests, we may ask for additional information to confirm your identity and your request.

AGGREGATED INFORMATION

We may use the information we collect to compile aggregated, anonymized, or de-identified information. We may share such anonymized or de-identified information with any other third party, at our sole discretion.

TRANSFER OF DATA OUTSIDE YOUR TERRITORY

We may store and process information in the United States, Singapore, and other countries. We may also process information using cloud services.

We frequently process information under arrangements aimed at providing an adequate level of data protection subject to the applicable laws. This may include processing in countries that the EU has determined maintain adequate data protection, the use of model contract clauses, or other mechanisms.

However, in certain cases, the laws in some of these countries may nevertheless provide a lesser degree of data protection than the laws of your own country. We may transfer your information to entities within other such countries for the purpose of processing as described in this policy. You may opt-out of having your personal data cross-border transmission. However, opting out may prevent us from providing TD Antifraud services and, as a result, use the e-Commerce Platform.

INFORMATION SECURITY

We implement and maintain technical, administrative, and physical measures that are reasonably designed to reduce risks stemming from the loss of information, unauthorized access, or use of information. For example, when you enter sensitive information (such as credit card numbers), we encrypt the transmission of that information with Secure Socket Layer technology (SSL).

However, no measure can provide absolute information security. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

DATA RETENTION

We retain the personal data we collect only for as long as needed in order to provide the TD Antifraud service or newly developed services under this Policy and comply with applicable laws and regulations. We then either delete it from our systems or anonymize it without further notice to you.

If you withdraw your consent to us of processing your data, we will erase your personal data from our systems (unless the data is required by TD to establish, exercise, or defend against legal claims).

POLICY REGARDING CHILDREN

We do not knowingly collect personal data from children under the age of 18 (or the other children’s age stipulated to the applicable law). If a parent or guardian becomes aware that his or her child has provided us with personal data without their consent, he or she should contact us at [corp@tongdun.net]. If we become aware that a child under the age of 18 has provided us with personal data, we will delete such information from our files unless required to maintain it for law-enforcement or legal purposes.

COOKIES AND OTHER TRACKING TECHNOLOGIES

Some of our Services pages utilize "cookies" and other tracking technologies. A “cookie” is a small file stored on your device that contains information about your computer. We may use cookies for service customization, web analytics and promoting trust and safety. If you would prefer not to accept cookies, you can alter the configuration of your browser to reject all cookies or some cookies. Note, if you reject certain cookies, you may not be able to access all of our Website’s features.

CHANGES TO THIS POLICY

If we make any material change to this Policy, we will post the revised policy to this web page and update the “Effective” date above to reflect the date on which the new Policy became effective.

If we materially change this Policy in a manner that adversely affects your rights or the protections afforded your personal data, we will affect such change only to personal data we collect after the Policy change unless you agree we treat the personal data previously collected under the new Policy.

CONTACT US

You may contact us with any questions or comments, at: [corp@tongdun.net] or by postal mail at:

 

Tongdun International Pte. Ltd

Attn: Privacy Officer

Marina Bay Financial Centre Tower 3

12 Marina Boulevard # 17-01

Singapore 018982