Last update: May 26, 2023.
This Policy governs all personal data you share with us and the personal data we hold about you. By providing us with your personal data, or by accessing, using, or viewing our website (including), applications, exchanges, wallets, platforms, software, products, services, and all related functions or content (which may involve transmitting, caching, or storing any personal data), collectively referred to as "Website/Service/Product", you're deemed to have agreed to every term, condition, and notice in this Policy. If you do not agree, we request you to cease use of the Website/Service/Product and refrain from providing any personal data to us.
If you're visiting from the EU, this Policy is in compliance with the EU General Data Protection Regulation 2016/679 (the "GDPR"). If you're visiting us from Singapore, this Policy is subject to the Personal Data Protection Act 2012 ("PDPA"). Furthermore, this Policy aligns with comparable personal data protection principles applicable to foreign government agencies.
1. What Personal Data is Collected
1.1 In order to fulfill the purposes detailed in Clause 2 below, we may gather and process the following information about you when you access the Website/Service/Product or utilize any of our offerings:
(I) Data obtained directly from you - This could be through the Website/Service/Product, our offerings, the Allowlist/Whitelist registration forms, membership registration forms, phone calls, emails, or in-person meetings with our representatives or staff, when you report any issues to us, request our assistance, or when you fill out any surveys, registration forms or questionnaires that we provide. The data you give us might include, but is not limited to:
a. your personal and employment details, such as your first and last name, your billing and/or shipping address, date of birth, email address, and phone number. Your email address and phone number are crucial for us to be able to contact you about your order or the service we're offering or will offer to you;
b. any additional financial details necessary for providing you our products and services, such as credit card data, bank account details, and other personal descriptions necessary to facilitate the same; c. if you hold an account with us, the preferences and interests associated with that profile or account; d. and details of any interaction you've had with us and the corresponding communication history.
(II) Data collected through automated means - Various technologies could be used on our Website/Service/Product that may result in automated data collection by us. This data may include, but is not limited to:
a. technical details, such as the Internet Protocol (IP) address used to connect your computer to the internet, your login details, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform;
b. information about your visit, including the full Uniform Resource Locators (URLs) clickstream to, through, and from the Website/Service/Product,
c. methods used to navigate away from the page, and any phone number used to reach our customer service.
(III) Data collected from third parties - We collaborate with third parties and may obtain information about you from them, for instance:
a. business partners, subcontractors in technical, payment, and delivery services, advertising networks, analytics providers, and search information providers;
b. blockchain data;
c. and public databases and credit reference agencies.
2. Uses Made of the Information
2.1. Your personal data may be used for the following purposes:
a. to deliver, enhance, and develop our Website/Service/Product and offerings;
b. to research, design, and launch new features or services;
c. to optimize the presentation of content and information on our Website/Service/Product for you and your device;
d. to send you alerts, updates, resources, or information about our services or any other information that you have requested or subscribed to;
e. to enforce obligations due to us, such as collecting overdue payments worldwide;
f. to respond to or participate in legal proceedings, including but not limited to document drafting and reviewing, transaction documentation, legal advice seeking, and dispute resolution facilitation, as well as to protect and enforce our contractual and legal rights and obligations;
g. to comply with legal and regulatory obligations and demands, including anti-money laundering regulations across different jurisdictions;
h. for accounting, risk management, compliance, and record-keeping purposes;
i. for staff training;
j. to communicate with you, responding to your concerns, inquiries, requests, or feedback, and for purposes directly related or ancillary to the aforementioned;
k. for marketing our Website/Service/Product, provided you have given your consent;
l. and to match any personal data held in relation to you for any of the purposes mentioned above.
2.2. When using your personal data to contact you for the purposes stated above, we may choose to reach out via regular mail, fax, email, SMS, phone calls, or any other electronic methods.
2.3. In cases where we need to utilize your personal data for purposes not stated above, we will inform you and seek your consent prior to proceeding. You will be provided an opportunity to refuse or retract your consent for the usage of your personal data for these additional purposes.
3. Disclosure of your Information
3.1. We assure you that we will not sell your personal data to any third parties.
3.2. We commit to maintaining the confidentiality of your data. However, you agree that we may share your data with:
a. members of our corporate group, including our affiliates and subsidiaries as defined by Section 5 of the Companies Act (Chapter 50) in Singapore and our partner brands on the Website/Service/Product. This allows us to provide you with the requested products and services, including but not limited to billing and shipping details;
b. staff, agents, consultants, auditors, contractors, financial institutions, and service providers who assist in our operations or in providing our products and services. This can include employees involved in fulfilling your order, processing your payment, and offering support services;
c. our foreign branches, affiliates, business partners, and equivalents, but only on a need-to-know basis;
d. individuals or entities obliged to maintain confidentiality towards us;
e. individuals or entities to whom we must disclose information under applicable laws and regulations in any part of the world;
f. potential or actual transferees of our operations (or a significant portion thereof) in any part of the world;
g. third parties where you have given us consent and in scenarios explicitly mentioned in this Policy;
h. and our strategic partners and business collaborators if you have given consent to receive marketing information from us.
3.3. By agreeing to this, you understand and consent to the potential transfer of your personal data to locations outside of Singapore or the jurisdiction where we operate, for the purposes outlined in this section 3. When transferring your personal data outside of Singapore or the jurisdiction we operate in, we will uphold a standard of data protection equivalent to the one provided under the PDPA or GDPR. We will ensure that the recipient is either in a jurisdiction with comparable data protection laws or is contractually obligated to safeguard your personal data.
4. Storage and Retention of Your Information
4.1 We retain your personal data only for the duration necessary for its intended purpose or as required by law or business needs. Once the reason for retaining this information no longer applies, we'll promptly remove it or anonymize it such that it can no longer be linked back to you.
4.2 We may house and process portions or all of your personal and transactional information, including certain financial details like encrypted bank account or routing numbers, within Singapore or any other global location where our or our service providers' facilities are based. We ensure the security of your personal data by enforcing physical, digital, and procedural safety measures in line with relevant laws and regulations.
5.1. Our website utilizes cookies to differentiate you from other users on our site. This practice improves your browsing experience and aids us in enhancing our website.
5.2. A cookie is a small text file composed of alphanumeric characters, which we store on your browser or computer's hard drive, provided you consent to cookie usage. Cookies transfer information to your computer’s hard drive.
5.3. We employ both persistent and session cookies. A persistent cookie remains in your browser and is read by us when you revisit our website or a partner site using our services. On the other hand, session cookies only last for the duration of the session (typically the current website visit or a browser session). All web browsers give you the option to reject any cookie. If you refuse our cookie, we do not collect any information about that visit.
5.4. We use the following types of cookies:
Essential cookies: These are required for the functioning of our website. For instance, they allow you to log into secure sections of our site, utilize a shopping cart, or avail of e-billing services.
Analytical/performance cookies: These enable us to identify and count visitor numbers and observe how visitors navigate our website. This assists us in improving our website's functionality, such as ensuring users can find what they need easily.
Functionality cookies: These recognize you when you return to our website. This permits us to tailor content for you, welcome you by name, and remember your preferences (such as language or region selection).
Targeting cookies: These log your visit to our website, the pages you've accessed, and the links you've clicked. We utilize this data to make our website and its displayed content more relevant to your interests.
You can block cookies by altering your browser settings to refuse all or some cookies. However, if you choose to do this, you might not be able to access all or portions of our website.
We might employ third-party web services on our website. The service providers managing these services use technologies like cookies (likely analytical/performance cookies or targeting cookies), web server logs, and web beacons to assist us in understanding how visitors use our site and to make displayed information more tailored to your interests. The data collected through these technologies (including IP addresses) is shared with these service providers. These analytics services may use the collected data to contextualize and personalize their own advertising network's marketing materials.
6. Third-Party Sites
At times, our Website/Service/Product or our correspondence with you may include links to external third-party websites that are beyond our purview. If you decide to access any of these external websites, be aware that they have their own individual policies and procedures. We recommend reviewing the privacy policies or statements of these external websites to understand your rights. We cannot assume responsibility or liability for the practices enacted by these third-party websites.
7.1. The information you provide us is securely stored on our protected servers.
7.2. We employ TLS/SSL encryption technology to safeguard any transaction involving payments.
7.3. In instances where we have assigned you (or you have selected) a password for access to specific portions of the Website/Service/Product, you bear the responsibility of keeping this password confidential. We implore you not to divulge your password to anyone.
7.4. Access to personal data is limited to our employees, service providers, agents, representatives, and contractors strictly on a need-to-know basis, and we ensure that such individuals are contractually obligated to maintain confidentiality.
7.5. We periodically review our practices for collecting, storing, and processing information to protect against unauthorized access, processing, or usage.
7.6. However, be aware that transmitting information over the internet is not entirely secure. Despite our best efforts to safeguard your personal data, we cannot guarantee total security of your data transmitted to the Website/Service/Product, and any transmission is at your own risk. We advise frequently changing your passwords, using a mix of letters and numbers, and employing a secure browser.
7.7. If applicable, it is your responsibility to ensure the security and confidentiality of your username and password, and not to disclose them to any unauthorized individual. If you suspect that your username and password have been known to someone else, or believe their confidentiality has been compromised in any way, or suspect any unauthorized transactions have occurred, you should inform us as soon as reasonably possible. We shall not be liable for any damages arising from any security breaches, or unauthorized and/or fraudulent use of your username and password.
8.1 For individuals who are situated in the European Economic Area, United Kingdom or Switzerland at the time of their personal data collection, we base our data processing on legal grounds in accordance with Article 6 of the GDPR. Typically, we process your data only when we are legally compelled to, when it's necessary for fulfilling any contracts we have with you (or to take preparatory steps at your request before entering into a contract with you), when it serves our legitimate business interests, when it's essential to protect our or your property, rights, or safety, or when we have your explicit consent to do so.
8.2 Your personal data will be retained in an encrypted state, known as data at rest, which aligns with GDPR regulations. This ensures that your data is encrypted at the storage level. Additionally, all communication between services will be encrypted utilizing SSL or HTTPS.
9. Your Rights
9.1 Should you have queries, feedback, or requests related to your personal data handling or this Policy, or should you wish to reject this Policy, withdraw any consent previously given, or seek to update or access your personal data, please reach out to us at:
Please address it to "Data Privacy Officer."
9.2 Under the PDPA, you are granted the following rights: a. The right to inquire if we possess your personal data; b. The right to access any personal data we hold about you; and c. The right to demand we correct any inaccuracies or errors in the personal data we hold about you.
9.3 Your rights under GDPR include: a. Access to and copies of personal data we possess about you; b. Demand to halt the processing of your personal data if it is causing harm or distress; c. Request that we refrain from sending you marketing communications; d. Request that we delete your personal data; e. Require us to limit our data processing activities; f. Obtain from us the personal data we have about you which you have provided, in a format you specify, including for transmitting that data to another data controller; g. Require us to correct your personal data if it is inaccurate. Please remember that these rights are not absolute, and we can decline requests when exceptions are applicable. If you are based in Europe and wish to learn more about your rights, please contact the EU regulatory authority in your location. For any queries on how we handle your personal data, or to exercise any of the aforementioned rights, please contact our Data Protection Officer.
9.4 Please note that a minor administrative fee may be charged to cover the costs of processing your requests under Clause 9.2 and 9.3.
9.5 All requests for corrections or access to your personal data should be made in writing. We aim to respond to your request within 30 days; if we are unable to do so, we will inform you of when you can expect a response.
9.6 We might be legally prohibited from complying with your requests. We also reserve the right to decline your requests if the law permits us to do so.
9.7 In many instances, we need your personal data to provide you with the products and services you need or request. If you fail to provide the necessary personal data, or if you do not accept this Policy or withdraw your consent for our use and/or disclosure of your personal data for these purposes, we may not be able to continue serving you or provide you with the products and services you require or request.
10. Changes to our Policy
We reserve the right to periodically update this Policy, with the revised version being uploaded onto our Websites. Your continued engagement with our Websites, products, and services after such modifications signifies your acceptance of these updated policies.
11. General Disclaimer and Limitation of Liability
11.1 To the fullest extent allowed by law, we will not be held responsible for any special, exemplary, punitive, indirect, incidental, or consequential damages, or any loss of reputation or goodwill, incurred as a result of unauthorized or unintended use, access, or disclosure of your personal data. These damages could arise from contract, tort (including negligence), equity, strict liability, statute, or otherwise.
11.2 In the event of a claim arising out of or related to any violation of this Policy by Rare Spirits Society, our cumulative liability to you (if any) for an individual claim or a series of connected claims concerning losses, costs, liabilities, or expenses shall be restricted to the aggregate value of the Rare Spirits Society related Digital Assets in your Digital Wallet at the time of the respective claim (refer to the User Agreement for the definitions of these terms). In the case of a specific claim related to a specific transaction, this sum shall be further limited to the purchase/sale amount (as applicable) of the disputed transaction. We will not be held accountable if the said liability has arisen due to your negligence, gross negligence, or fraud.