PRIVACY AND DATA PROTECTION POLICY

1.Definitions in Policy

1.1 “Company” shall mean:

a) YY Group of companies inclusive of YYLife Pte Ltd, Hong Ye Group Pte Ltd and 1st Station Pte Ltd; and

b) Core business platforms inclusive of YY Rider, YY Circle, YY Business, YY Pay; and

c) all other relevant subsidiaries, associates, affiliations business entity engaged with YY Group of companies; and

d) the constituent of but not limited to directors, shareholders, members, employees, advisors, managers and legal representatives.

1.2 “Applications” shall mean all mobile applications owned by the Company, that support core functions of YYLife Pte Ltd, and available to Users (ascribed below) and Third Party Providers (ascribed below) for downloads and installations;
1.3 “Software” shall mean all software owned by the Company, that supports the Applications and Platforms (ascribed below), and available to Users (ascribed below) and Third Party Providers (ascribed below) for downloads and installations; and
1.4 “Platforms” shall mean all of the Company’s technology platforms, digital portals and websites that are used in conjunction with her Applications and Software for the purpose of achieving seamless operations of the Company;

2.Introduction

The Company values the information you have provided to the Company or permitted the Company to collect. The Company strive to protect your privacy while providing you with the best service and experience the Company can give. All such personal information in the Company’s possession is collected, valued, used, disclosed and protected in accordance with the Personal Data Protection Act 2012 ("PDPA").

This Privacy and Data Protection Policy applies to all personal data submitted by you and is intended to apply to all personal data submitted the Company via the Company’s Applications, Platforms and Software, and including any personal data that the Company receive from other third parties.

By visiting or using the Company’s Applications, Platforms and Software, you are deemed to agree to the terms and conditions of this Privacy and Data Protection Policy.

You are advised to review this Privacy and Data Protection Policy carefully prior to visiting or using Company’s Applications, Platforms and Software, or otherwise providing any personal data.

3.PDPA

In , Personal data is protected under the Personal Data Protection Act 2012 PDPA).

The PDPA establishes a data protection law that constitute various rules governing the collection, use, disclosure and handling of personal data. It acknowledges both the rights of individuals to protect their personal data, including rights of access and correction; and the requirements of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.

In accordance to Advisory Guidelines on the Personal Data Protection Act (“PDPA”) for NRIC and Other National Identification Numbers (“NRIC Guidelines”), organisations are typically not allowed to collect, use or disclose an individual’s NRIC number (or copy of NRIC) from 1st of September 2019 unless:

a) required under the laws in (or an exception under the PDPA applies); or

b) necessary to accurately establish or verify the identity of the individual to a high degree of fidelity, where the failure to do so would pose a significant safety or security risk or significant impact or harm to an individual and/or organisation.

Personal Information and Other Relevant Data Collected

Personal data as defined in the PDPA refers to data whether genuine or not, about an individual who can be identified from either that particular data, or from that data and other information which the Company have or likely have access to. Personal data is collected where reasonably necessary for the Company’s functions and activities. Personal data that the Company may hold include the following:

a) name, address and contact details;

b) date of birth;

c) NRIC number, FIN number *;

d) bank account details;

e) details of services provided to an individual by the Company;

f) details of an individual's dealings with the Company, including telephone records, email and online interactions;

g) photos and video recordings;

h) your image;

i) voice recordings;

j) location data; and

k) other personal data as may be provided by an individual from time to time.

Some of the information that the Company collects is sensitive in nature. This includes information such as your NRIC or FIN number. The Company only collect this information when permitted by applicable laws and when this is necessary to verify your identity to a high degree of fidelity.

Collection of Personal Data

Wherever possible, the Company will collect personal data directly from you. Notwithstanding the above, the Company may also receive personal data about you from various third parties such as analytics providers, data aggregators, or other providers of technical and delivery services, and public sources.

In addition to the personal data you provide to the Company, certain information related to you that is not considered personal data under the PDPA may also be collected. The Company collect this information to improve the Company’s Applications, Platforms and Software. Such non-personal data may include information such as the internet browser you use or the duration of use of the Company’s Application, Platforms and Software. Lastly, any other purposes that the Company notify you at the point of obtaining your consent.

Use of Cookies

Cookies are small files which require user permission in order to be installed on a computer’s hard drive. Cookies will only start to perform their functions after such permission is granted. By collecting and analysing data on the user’s browsing patterns, cookies allow web applications to respond to the user as an individual by tailoring a web application’s operations to the user’s specific needs and preferences.

Permission for cookies is granted by default in most web browsers. You can however choose to disable this function in your browser’s settings. This may prevent you from taking full advantage of the Company’ Application, Platforms and Software.

The Company may use traffic log cookies to identify which pages are being used. This use is designed to assist the Company in gathering data on webpage traffic. The gathered data is used only for statistical purposes and is removed from the company’s database shortly after.

Overall, the data collected by the cookies is used for the purpose of improving your browsing experience on the Company’ Application, Platforms and Software., to help the Company better understand how the website is performing, and to enable the website to function properly.

Cookies do not grant the Company access to your computer or any information about you outside of your browsing activity on the Company’s Applications and Platforms.

Age Limitations

The Company’s services, Application, Platforms and Software.are only intended for those of sufficient legal age. If a parent or guardian becomes aware that his or her child, who is below the sufficient legal age, has provided the Company with information without their consent, he or she should contact the Company’s data protection officer, whose contact details are listed in section 10 below. The Company will delete such information from the Company’s files within a reasonable timeframe.

Your Consent

By using the Company’s services, Application, Platform and Software, you consent to the collections and use of your personal information and data in the ways herein (subjected to change from time to time as supported by section 8); unless and until you inform the Company on the withdrawal of your consent.

Your consent will also include the exchange of your personal information between the Company’s internal stakeholders, external parties or individuals, to prove the authenticity of your declared status.

1.Use of Your Personal Data

The Company collect personal data for various purposes. Without limitation, these purposes include:

a) to register as a user on the Company’ Application and Platforms

b) to verify your identity;

c) to assess and/or verify your employability;

d) to deliver the services which you have requested, including but not limited to the services provided by the Applications and Platforms;

e) to enable the Company to manage and administer the services which you have requested, including but not limited to the services provided by the Company’ Application, Platforms and Software;

f) to deliver relevant content to you, including advertisements and promotions; and to measure and analyse the effectiveness of the content that the Company serve you;

g) to manage the Company relationship with you including notifying you of any changes to the Company’ Application, Platforms and Software. or any service the Company provides;

h) supplying you with information that is relevant to your existing relationship with the Company;

i) providing customer and marketing support;

j) to investigate and resolve your complaints, discrepancies or enquiries.

k) to contact you in respect to the Company’s services;

l) to administer and protect the Company business and the Platforms including troubleshooting, data analysis and system testing;

m) to improve placement opportunities for you which includes the use of data analytics and artificial intelligence in relation to your personal data to enable the Company in finding appropriate opportunities and to assist employers to assess the suitability of candidates for job vacancy for a spectrum of jobs and industries;

n) to manage staff training and quality assurance;

o) to conduct research and statistical analysis for the maintenance and development of the company’s Application, Platforms and Software;

p) to monitor the Company’s performances and that of the Company’s Application, Platforms and Software;

q) for fraud prevention and detection; or

r) in the Company’s sole discretion, in exceptional circumstances such as national emergency, security concerns, or other situations in which the Company deem that such disclosure is prudent.

2.Sharing Your Personal Data

In the course of providing the Company’s services and products to you, the Company may need to disclose your personal data with classes of internal stakeholders, external parties or individuals. The reasons for which the Company may disclose your personal data are set out under section 2 above. The possible classes of internal stakeholders, external parties or individuals the Company may share your personal data with include without limitations, to the following:

a) other users of the Applications and Platforms

b) the Company’s group of businesses

c) the Company’s affiliates

d) the Company’s partners

e) the Company’s clients

f) the employers

g) principals

h) governmental or regulatory authorities

i) educational institutes to verify on student status authenticity

j) third party service providers (for the purpose of providing the Company administrative or marketing support),

i. Merchants (including food merchants)

ii. the advertisers (including online advertisers)

iii. payment gateway services

iv. mapping services

v. data storage and analytics services

vi. market research and website usage analysis services

vii. educational institutes for verifying of student status authenticity

viii. approved training organisations

ix. professional advisors

x. individuals or party involved in and for the purpose legal proceedings

If any of the Company’s businesses are sold or transferred to another entity, your personal data may be transferred along with the business.

The Company do not sell any personal data or information collected to any external parties or individuals

In the event that any of the above external parties or individuals receiving your personal data are located or are operating outside of , the Company will take reasonable steps to ensure that the overseas recipient provides a standard of protection to your personal data so transferred that is comparable to the protection under the PDPA.

3.Third Party Relations

The Company’s Applications, Platforms and Software may, from time to time, contain links to and from the websites of the Company’s partner networks, advertisers, affiliates and third party service providers.

You may sign up with the Company’s Applications, Platforms and Software through sign-in services such as Facebook connect or Google. This service will authenticate your identity and provide you the option to share personal information with the Company (such as your name and contact details) to pre-set the Company’s sign-up form.

Please note that these websites and any services that may be accessible through them have their own privacy policies and the Company do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services. Please check these policies before you submit any personal data to these websites or use these services.

4.Security

The Company will protect your personal data using industry standard precautions from theft, loss, misuse, disclosure, alteration and unauthorised access. While the transference of electronic data over the internet has inherent risks, the Company will exercise reasonable precautions to ensure your personal data is not subject to unnecessary risks.

The Company although endeavor to provide reasonable security for information the Company process and maintain, no security system can prevent all potential security breaches over the internet, or any electronic storage methods. You have a personal responsibility to safeguard your passwords to the Applications and Platforms.

5.Retention

The Company will retain your personal data for as long as necessary in order to fulfil the purpose for which it was collected, or as required for any legal or business purposes under relevant laws.

In some circumstances the Company will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case the Company may use this information indefinitely without further notice to you.

6.Access, Update, Withdrawal of Consent

Understand that you may have different privacy concerns, you are entitled to be provided, upon request;

(a) access to some or all your personal data that is in the Company’s possession or control; or

(b) information about the ways in which that personal data has been or may have been used or disclosed by the Company within a year before the date of your request

You must submit a request to the Company’s data protection officer, whose contact details are set out in section 10 below, if you subsequently decide to request access to your personal data, update your personal data or withdraw your consent for us to collect, use and/or disclose your personal data, whether partial or in full. Please note that it may take up to 30 business days after receipt of your request to process your request. The Company may require further information from you to accurately verify your identity before processing your request. Kindly also take note that:

a) your updated personal data, will also be sent to all relevant parties which the Company had originally disclosed to them within a year before the date of the update, unless the relevant parties have no more legal or business purposes for the personal data.

b) the PDPA exempts certain types of personal data from being subject to your access request.

c) Should your withdrawal of consent result in any legal consequences arising from such withdrawal, and depending on the extent of your withdrawal of consent, it may result in the discontinuation on your existing relationship with the Company.

7.Policy Variation

The Company reserve the right to amend this Privacy and Data Protection Policy at any time. If material changes are made to this Privacy and Data Protection Policy, they will be posted on this page and date stamped. The Company encourages you to review this page periodically in order for you to stay notified of any changes.

Your continued use of the Company’ Application, Platforms and Software. and acceptance of the Company’s services after any changes to this Privacy and Data Protection Policy constitutes your consent to any such changes, to the extent such consent is not otherwise provided.

8.Complaint Process

If you have any complaint or feedback regarding about how the Company handled your personal data or about how the Company is complying with the PDPA, feel free to contact the Company for clarifications at section 10 below via the company’s DPO.

The Company will certainly strive to deal with any complaint or feedback that you may have fairly and promptly.

9.Contact Us

If you have comments or questions about this Privacy and Data Protection Policy statement, or wish to submit a request mentioned in paragraph 7 above, please contact the Company’s data protection officer at:

Email address: (Hong Ye Group)
(YYLife)

Telephone number: (Hong Ye Group)
(YYLife)

Address:

10.Government Law and Jurisdiction

Nothing in this Privacy and Data Protection Policy shall limit your rights under the Personal Data Protection Act 2012 of , or any other data protection or privacy related law that is applicable to you. This Privacy Policy shall be governed by the laws of the Republic of and you agree to submit to the exclusive jurisdiction of the courts.