The protection of your personal data is of utmost importance to us. We are committed to protecting your personal data in compliance with the data protection laws applicable to you. While data protection laws in Asia may differ and while some countries do not yet have data protection laws in place, we generally aim to protect your personal data to the standard of the Personal Data Protection Act 2012 of Singapore (“PDPA”) or to a stricter standard of the data protection laws applicable to you.
What is “Personal Data”?
“Personal Data” means data, whether true or not, about an individual who can be directly or indirectly identified from that data or from that data and other information to which Flash Coffee has access to. Personal Data which you may provide to us include the following:
When do we collect your Personal Data?
We will only collect your Personal Data where it is reasonable and appropriate to do so in the circumstances, and to the extent necessary in relation to the lawful purposes under the data protection laws applicable to you. We generally do not collect your Personal Data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your Personal Data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided consent to the collection and usage of your Personal Data for those purposes, or (b) collection and use of Personal Data based on deemed consent or without consent is permitted or required by the data protection laws or other laws applicable to you.
In general, the ways in which Flash Coffee may collect your Personal Data include:
When you use Flash Coffee’s Services via the mobile application:
When you take a survey or interact with Flash Coffee in various other ways
Flash Coffee may also combine information collected about an individual with information Flash Coffee receives from authorised third parties.
By submitting your Personal Data to us, you warrant that all Personal Data submitted to us is complete, accurate, true and correct. Failure to ensure that such data provided to us is complete, accurate, true and correct may result in inability on our part to provide you with the requested products or services.
Aggregated Data: Further, Flash Coffee may also collect aggregated data or anonymised data that does not directly identify the individual.
*For what purposes do we collect, use or disclose your Personal Data? *
In general, the** **purposes for which Flash Coffee may collect, use, process or disclose your Personal Data include (but are not limited to the following):
Who do we share your Personal Data with?
In the course of providing you with our products and services, your Personal Data may be disclosed to the following third parties for the purposes listed above:
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third parties to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Because we use different data processors and change them from time to time, it is not appropriate to identify specific recipients of personal information. However, if you are interested, we will be happy to disclose the name of the processor(s) in use at that time upon request.
Your Personal Data may be transferred, stored and/or processed in a country or territory outside the country in which you gave the Personal Data to us. We will take appropriate steps to ensure that any party in a country or territory outside the country in which you gave the Personal Data to us to whom we transfer Personal Data is bound by legally enforceable obligations or specified certifications to provide to the transferred Personal Data a standard of protection which is at least comparable to the protection under the PDPA or to a stricter standard prescribed by the data protection laws applicable to you.
How do we manage, protect and store your Personal Data?
We have appointed a Data Protection Officer who will oversee and ensure management of Personal Data in accordance with the applicable data protection laws. The contact details of our Data Protection Officer are listed below.
We take breaches of privacy very seriously and will take all reasonable steps and employ appropriate security measures to ensure that your Personal Data is securely stored and protected against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures. In the event of a data breach we shall notify you if required by and in accordance with the data protection laws applicable to you.
Accuracy and Correction
We endeavour to ensure that your Personal Data is accurate and complete if the Personal Data is likely to be used by Flash Coffee to make a decision that affects you or is likely to be disclosed by Flash Coffee to another organisation.
To help us maintain the accuracy of your Personal Data, if there is any change or update in your Personal Data, or if you wish to correct any of your Personal Data which we have, please write to our Data Protection Officer at the contact details below.
We will only retain Personal Data for as long as the retention is required for (i) the purposes for which such Personal Data was collected, or (ii) as required for legal and business purposes.
We will cease to retain your Personal Data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the Personal Data was collected, you have requested to do so or withdrawn your consent, and is no longer necessary for legal or business purposes.
Generally we do not retain Personal Data for a period of more than seven years after the original purposes for which the Personal Data was collected have ceased to be applicable, unless otherwise required by law.
Links to Other Sites
What are your rights?
Right to withdraw consent and request to delete data
The consent that you provide for the collection, use and disclosure of your Personal Data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing as well as to erase, destroy, or anonymize your Personal Data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten business days of receiving it.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described above.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose Personal Data where such collection, use and disclose without consent is permitted or required under applicable laws.
Right of access, correction, and data transfer
If you wish to make (a) an access request for access to a copy of the Personal Data which we hold about you or information about the ways in which we use or disclose your Personal Data, or (b) a correction request to correct or update any of your Personal Data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
You may also request a copy of your Personal Data which we hold about you to be transmitted to another service provider if it can be transmitted by electronic means, and subject to the conditions of the applicable data protection laws.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty days after receiving your request, we will inform you in writing within thirty days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the applicable data protection laws).
Who should you approach?
If you have any feedback or enquiries relating to your Personal Data or if you wish to know more about our data protection policies and practices, please contact us at the following:
|Flash Coffee||Data Problem Officer|
|Postal Address for Singapore:||Digital Services SG Four Pte. Ltd., Data Protection Officer, 4 Battery Road, #25-01 Bank of China Building, Singapore 049908|
|Postal Address for Thailand:||Flash Coffee TH Co., Ltd., Data Protection Officer, 73, 173/36, 173/37 Asia Centre Building 21st - 22nd Floor and 27th - 28th Floor, Room no. 21-133, South Sathorn Road, Thungmahamek Sub-district, Sathorn District, Bangkok 10120|
|Postal Address for Indonesia:||PT Sembilan Puluh Enam Derajat., Data Protection Officer, WeWork Revenue Tower, Jl. Jend. Sudirman Kav. 52-53, Jakarta 12190|
|Postal Address for Hong Kong:||Flash Coffee HK Ltd., Data Protection Officer, Suite A 16/F, Tesbury Ctr., 24-32 Queen’s Road East, Hong Kong|