This Personal Data Protection Policy (“Policy“) sets out the manner in which Englim Studios Pte. Ltd. (UEN: 202017221G) (“we“, “our” or “us“) may collect, use, disclose, store, process and/or protect personal data, in accordance with the Personal Data Protection Act 2012 (No. 26 of 2012) (“PDPA“).
Please read this Policy carefully to understand our practices regarding your personal data and how we handle it. By accessing or using the My Afterwords mobile app or our website at www.myafterwords.app (collectively, the “Platforms“), or any products, features and services accessible through the Platforms (collectively, the “Services“), you agree to the terms of this Policy.
We may update this Policy from time to time by posting the updated Policy on this page. Your continued access or use of the Platforms or any of the Services shall constitute your acknowledgement and acceptance of the changes we make to this Policy. You are reminded to check this page from time to time for updates to this Policy.
1.1 This Policy applies to personal data that is in our possession or under our control, and personal data which is collected, used, disclosed and/or processed by us in Singapore.
1.2 Unless you withdraw your consent in accordance with the procedure set forth in this Policy, we may continue to share the personal data that we collect from you with our affiliates and subsidiaries. Such personal data may also, subject to the PDPA and other applicable Singapore laws, be transferred to and used by us outside of Singapore. When personal data is collected by or transferred to us, it will be treated according to the personal data protection practices set forth in this Policy.
2. Collection and Use of Personal Data
2.1 Subject to the PDPA, we will obtain consent before collecting, using and disclosing personal data (including your personal data), and notify you of such purposes.
2.2 We collect various types of personal data via the Platforms. In this Policy, “personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we (and all our affiliates, partners, subsidiaries and all relevant third parties mentioned in this Policy) have or are likely to have access.
2.3 We collect personal data about you that you knowingly and voluntarily provide in connection with certain activities or transactions with us, including but not limited to, when you access or use the Platforms; sign up for an account; purchase a subscription; use the Services; and when you report a problem with the Platforms or our services; etc. The type of personal data that we collect about you depends on the nature of the activity or transaction.
2.4 When we collect personal data from other sources, we will ensure that personal data is collected in accordance with applicable laws. Such sources include:
(a) publicly available sources of data;
(b) related companies and our affiliates;
(c) our business partners;
(d) when our users add you as an Informer or Recipient in respect of the Services;
(e) marketing service providers or partners; and
(f) independent third party sources.
2.5 The types of personal data that we collect, and may collect in the future, include but are not limited to the following:
(a) personal particulars, such as your name, gender and date of birth;
(b) contact information, such as your email address, phone number and billing address;
(c) account information, such as your user ID, password and usage of your account;
(d) payment information, such as your credit card details, bank account number and any other payment details;
(e) technical information, such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, international mobile equipment identity, device identifier, how you use and view any content on the Platforms and other information and technology on the devices you use to access the Platforms;
(f) user-submitted content, such as messages, videos, photographs and other media;
(g) communications, such as emails when you contact us to request for support or to provide feedback to us; and
(h) marketing and communications information, such as your feedback, preferences in receiving marketing materials from us, our affiliates and partners, and any third parties, your communication preferences, and your preferences for particular products or services.
2.6 When you provide your personal data to us, you are giving us permission to use and store that personal data in accordance with this Policy, including storage in servers outside of Singapore, subject to the requirements of the PDPA and applicable laws on cross-border data transfers.
2.7 If you provide personal data of any third party to us, including personal data of Informers and Recipients (if applicable), you represent and warrant that you have obtained the necessary consent, licence and permissions from that third party to share and transfer his/her personal data to us, and for us to collect, store, use and disclose that personal data in accordance with this Policy.
2.8 The Platforms may contain links to other websites operated by other parties, such as our business affiliates, advertisers, payment gateways or other third parties. We are not responsible for the data protection and privacy practices of websites operated by such other parties. You are advised to check on the applicable data protection and privacy policies of those websites to determine how they will handle any information they collect from you.
3. Purposes for the Collection, Use and Disclosure of Personal Data
3.1 Depending on your relationship with us, the personal data which we collect from you (either directly or through our affiliates, related companies or any other third party) may be collected, used, processed and disclosed for the following (non-exhaustive) purposes and any other related or associated purposes:
(a) to set up your account with us;
(b) to manage and administer your account and your use and access of the Platforms;
(c) to provide the Services, including to process and fulfil your instructions with respect to the Informers and Recipients;
(d) to facilitate your use of the Services or access to the Platforms;
(e) to process orders you submit through the Platforms (including any payments that you make in respect of the Services);
(f) to manage your relationship with us;
(g) to communicate with you and to process and respond to your queries, feedback, claims or disputes, whether directly or through any outsourced customer service vendors;
(h) to inform you about upgrades and updates to the Services;
(i) to improve the Platforms or the Services;
(j) to carry out market research on our users’ demographics, advertising preferences and other behaviour;
(k) to provide you with information we think you may find useful or which you have requested from us, including information about our or affiliates’ products and services, provided you have indicated that you have not objected to being contacted for these purposes, if applicable;
(l) to comply with a court order or other legal process or other statutory and/or regulatory requirements of any governmental and/or regulatory authorities; and/or
(m) any other purpose permitted by the applicable laws of Singapore, or as may be described to you from time to time at the point of collection of the personal data,
(collectively, the “Purposes”).
4. Disclosure of Personal Data
4.1 We may disclose your personal data to various parties for any of the Purposes. These parties include, but are not limited to:
(a) Informers and Recipients;
(b) related companies and our affiliates for any of the Purposes;
(c) our vendors, consultants, marketing partners, research firms and other service providers or business partners. This includes payment processors and facilitators, debt collectors, cloud storage providers, marketing partners, marketing platform providers and data analytics providers;
(d) with our partners at your request;
(e) our professional advisors, consultants and auditors;
(f) a party or prospective party in respect of a business asset transaction (i.e. the purchase, sale, lease, merger or amalgamation or any other acquisition, disposal or financing of an organisation or a portion of an organisation or of any of the business or assets of an organisation) to which we are a party or a prospective party;
(g) law enforcement officials; and
(h) any person to whom disclosure is permitted, or required by, any applicable laws and regulations or court order.
4.2 In sharing your personal data with external parties, we endeavour, where appropriate and permissible, to ensure that the third parties and our affiliates and related companies keep your personal data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as they need your personal data to achieve the Purposes.
5. Accuracy of Personal Data
5.1 We rely on the personal data provided by you. You undertake that you will provide accurate and complete personal data. Failure on your part to do so may result in our inability to provide you with the Services.
5.2 You are responsible for informing us as soon as practicable if there are any errors in the personal data you have provided us, if there have been any changes to the personal data, or in the event you believe that the personal data we have about you is inaccurate, incomplete, misleading or out of date.
5.3 You can update your personal data at any time through the “Account” page in the My Afterwords mobile app. Alternatively, if you are unable to do so, you may contact our Data Protection Officer at the contact details set out in paragraph 12 below.
5.4 We may take steps to share the updates to your personal data with third parties and our affiliates with whom we have shared your personal data if your personal data is still necessary for the Purposes.
6. Withdrawal of Consent
6.1 You may, at any time, communicate the withdrawal of your consent to the continued use, disclosure, storing and/or processing of your personal data for any of the Purposes by contacting our Data Protection Officer at the contact details set out in paragraph 12 below.
6.2 While we respect your decision to withdraw your consent, please note that if you withdraw your consent to our use, disclosure, storing and/or processing of your personal data for the Purposes, depending on the nature and scope of your request, we may not be in a position to continue to provide the Services to you or to perform any contract we may have with you, and we will not be liable in the event that we do not continue to provide the Services to, or perform our contract with you.
6.3 Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) to process your request and to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we will seek to process your request within ten (10) business days of receiving it.
6.4 Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws.
7. Transfer of Personal Data Outside Singapore
7.1 By providing us with your personal data, you understand and agree that your personal data may be transferred to servers located outside Singapore for processing by us, our affiliates and/or any other organisation which we may choose, in accordance with this Policy.
7.2 In situations where we transfer your personal data overseas, we will take steps to ensure that appropriate levels of protection necessary to maintain the security and integrity of your personal data are in place. We will ensure that the recipient organisation is able to provide the transferred personal data with a standard of protection that is comparable to that under the PDPA.
8. Access to and Correction of Personal Data
8.1 You may, at any time, request to access your personal data in our possession or under our control, or enquire about the ways in which your personal data may have been used, disclosed, stored or processed by us for the past year.
8.2 You may also, at any time, request to correct any error or omission in your personal data that is in our possession or under our control.
8.3 In order to facilitate the processing of your access or correction request, it may be necessary for us to request further information relating to your request.
8.4 Should you wish to access, or correct an error or omission in, your personal data held by us, you can submit your request to our Data Protection Officer at the contact details set out in paragraph 12 below. We will respond to your request as soon as reasonably possible. If we are unable to respond to your request within thirty (30) days from the date of your request, we will inform you in writing.
8.5 We reserve the right to charge an administrative fee for processing your request to access your personal data. In the event that an administrative fee is to be charged, we will inform you of such fee before processing your request.
8.6 If we are unable to provide you with any personal data or to make a correction requested by you, we will generally inform you of the reasons why we are unable to do so (except where we are not required to do so under applicable data protection laws).
8.7 Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal data that we have on record, if the record of your personal data forms a negligible part of the document.
9. Retention of Personal Data
9.1 We may retain your personal data for as long as the purpose for which the personal data was collected continues, or if the retention is necessary for our legal or business purposes, even in circumstances where the account under which the personal data was provided has been deactivated or deleted. We will cease to retain personal data once we have no reason for doing so.
10. Security of Personal Data
10.1 The security of your personal data is important to us. We will take reasonable technical, procedural and other measures to ensure that the personal data which you have provided us is protected from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks.
10.2 Nevertheless, you understand that the transmission of data via the internet is not completely secure. Although we will do our best to protect the personal data which you have provided us, we cannot guarantee the security of personal data transmitted through any online means, and accordingly, any transmission is at your own risk.
12. Contact Us
12.1 If you have any queries about this Policy or would like to exercise your rights set out in this Policy, please contact our Data Protection Officer at:
Data Protection Officer for Englim Studios Pte. Ltd.
Email address: email@example.com
Last updated: 7 November 2020
Automatic collection of information
When you use the Mobile Application, our servers automatically record information that your device sends. This data may include information such as your device’s IP address and location, device name and version, operating system type and version, language preferences, information you search for in the Mobile Application, access times and dates, and other statistics.
Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding the usage of the Mobile Application and Services. This statistical information is not otherwise aggregated in such a way that would identify any particular user of the system.
Collection of personal information
You can access and use the Mobile Application and Services without telling us who you are or revealing any information by which someone could identify you as a specific, identifiable individual. If, however, you wish to use some of the features in the Mobile Application, you may be asked to provide certain Personal Information (for example, your name and e-mail address). We receive and store any information you knowingly provide to us when you create an account, publish content, make a purchase, or fill any online forms in the Mobile Application. When required, this information may include the following:
- Personal details such as name, country of residence, etc.
- Contact information such as email address, address, etc.
- Account details such as user name, unique user ID, password, etc.
- Geolocation data such as latitude and longitude.
- Information about other individuals such as your family members, friends, etc.
- Any other materials you willingly submit to us such as articles, images, feedback, etc.
Some of the information we collect is directly from you via the Mobile Application and Services. However, we may also collect Personal Information about you from other sources such as public databases and our joint marketing partners. You can choose not to provide us with your Personal Information, but then you may not be able to take advantage of some of the features in the Mobile Application. Users who are uncertain about what information is mandatory are welcome to contact us.
Use and processing of collected information
In order to make the Mobile Application and Services available to you, or to meet a legal obligation, we need to collect and use certain Personal Information. If you do not provide the information that we request, we may not be able to provide you with the requested products or services. Any of the information we collect from you may be used for the following purposes:
- Create and manage user accounts
- Fulfill and manage orders
- Deliver products or services
- Improve products and services
- Send administrative information
- Send marketing and promotional communications
- Respond to inquiries and offer support
- Improve user experience
- Post customer testimonials
- Enforce terms and conditions and policies
- Protect from abuse and malicious users
- Respond to legal requests and prevent harm
- Run and operate the Mobile Application and Services
Processing your Personal Information depends on how you interact with the Mobile Application and Services, where you are located in the world and if one of the following applies: (i) you have given your consent for one or more specific purposes; this, however, does not apply, whenever the processing of Personal Information is subject to California Consumer Privacy Act or European data protection law; (ii) provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) processing is necessary for compliance with a legal obligation to which you are subject; (iv) processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us; (v) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
Note that under some legislations we may be allowed to process information until you object to such processing (by opting out), without having to rely on consent or any other of the following legal bases below. In any case, we will be happy to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Billing and payments
In case of services requiring payment, we request credit card or other payment account information, which will be used solely for processing payments. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the latest security standards as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. Sensitive and private data exchange happens over a SSL secured communication channel and is encrypted and protected with digital signatures, and the Mobile Application and Services are also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users. Scans for malware are performed on a regular basis for additional security and protection.
You are able to delete certain Personal Information we have about you. The Personal Information you can delete may change as the Mobile Application and Services change. When you delete Personal Information, however, we may maintain a copy of the unrevised Personal Information in our records for the duration necessary to comply with our obligations to our affiliates and partners, and for the purposes described below.
Disclosure of information
Depending on the requested Services or as necessary to complete any transaction or provide any service you have requested, we may contract with other companies and share your information with your consent with our trusted third parties that work with us, any other affiliates and subsidiaries we rely upon to assist in the operation of the Mobile Application and Services available to you. We do not share Personal Information with unaffiliated third parties. These service providers are not authorized to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. We may share your Personal Information for these purposes only with third parties whose privacy policies are consistent with ours or who agree to abide by our policies with respect to Personal Information. These third parties are given Personal Information they need only in order to perform their designated functions, and we do not authorize them to use or disclose Personal Information for their own marketing or other purposes.
We will disclose any Personal Information we collect, use or receive if required or permitted by law, such as to comply with a subpoena, or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
In the event we go through a business transition, such as a merger or acquisition by another company, or sale of all or a portion of its assets, your user account, and Personal Information will likely be among the assets transferred.
Retention of information
We will retain and use your Personal Information for the period necessary to comply with our legal obligations, resolve disputes, and enforce our agreements unless a longer retention period is required or permitted by law. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally. Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of the retention period.
Transfer of information
Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. You are entitled to learn about the legal basis of information transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by us to safeguard your information. If any such transfer takes place, you can find out more by checking the relevant sections of this Policy or inquire with us using the information provided in the contact section.
The rights of users
You may exercise certain rights regarding your information processed by us. In particular, you have the right to do the following: (i) you have the right to withdraw consent where you have previously given your consent to the processing of your information; (ii) you have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent; (iii) you have the right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing; (iv) you have the right to verify the accuracy of your information and ask for it to be updated or corrected; (v) you have the right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it; (vi) you have the right, under certain circumstances, to obtain the erasure of your Personal Information from us; (vii) you have the right to receive your information in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.
The right to object to processing
Where Personal Information is processed for the public interest, in the exercise of an official authority vested in us or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection. You must know that, however, should your Personal Information be processed for direct marketing purposes, you can object to that processing at any time without providing any justification. To learn, whether we are processing Personal Information for direct marketing purposes, you may refer to the relevant sections of this document.
Data protection rights under GDPR
If you are a resident of the European Economic Area (EEA), you have certain data protection rights and Englim Studios Pte Ltd aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:
- You have the right to request access to your Personal Information that we store and have the ability to access your Personal Information.
- You have the right to request that we correct any Personal Information you believe is inaccurate. You also have the right to request us to complete the Personal Information you believe is incomplete.
- You have the right to request the erase your Personal Information under certain conditions of this Policy.
- You have the right to object to our processing of your Personal Information.
- You have the right to seek restrictions on the processing of your Personal Information. When you restrict the processing of your Personal Information, we may store it but will not process it further.
- You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
- You also have the right to withdraw your consent at any time where Englim Studios Pte Ltd relied on your consent to process your Personal Information.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area (EEA).
California privacy rights
In addition to the rights as explained in this Policy, California residents who provide Personal Information (as defined in the statute) to obtain products or services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the Personal Information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of Personal Information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain this information please contact us.
How to exercise these rights
Any requests to exercise your rights can be directed to Englim Studios Pte Ltd through the contact details provided in this document. Please note that we may ask you to verify your identity before responding to such requests. Your request must provide sufficient information that allows us to verify that you are the person you are claiming to be or that you are the authorized representative of such person. You must include sufficient details to allow us to properly understand the request and respond to it. We cannot respond to your request or provide you with Personal Information unless we first verify your identity or authority to make such a request and confirm that the Personal Information relates to you.
Privacy of children
We recognize the need to provide further privacy protections with respect to Personal Information we may collect from children and take many special precautions to protect the privacy of children. We do not require any Personal Information from them at any time. We encourage children to consult with their parents before submitting any information to any online resource . We believe parents should be involved in the online activities of their children and suggest that parents do their best to provide their children with a safe and friendly online environment.
We may display online advertisements and we may share aggregated and non-identifying information about our customers that we or our advertisers collect through your use of the Mobile Application and Services. We do not share personally identifiable information about individual customers with advertisers. In some instances, we may use this aggregated and non-identifying information to deliver tailored advertisements to the intended audience.
We may also permit certain third party companies to help us tailor advertising that we think may be of interest to users and to collect and use other data about user activities in the Mobile Application. These companies may deliver ads that might place cookies and otherwise track user behavior.
We may disclose information about you to our affiliates for the purpose of being able to offer you related or additional products and services. Any information relating to you that we provide to our affiliates will be treated by those affiliates in accordance with the terms of this Policy.
We offer electronic newsletters to which you may voluntarily subscribe at any time. We are committed to keeping your e-mail address confidential and will not disclose your email address to any third parties except as allowed in the information use and processing section. We will maintain the information sent via e-mail in accordance with applicable laws and regulations.
In compliance with the CAN-SPAM Act, all e-mails sent from us will clearly state who the e-mail is from and provide clear information on how to contact the sender. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us. However, you will continue to receive essential transactional emails.
Links to other resources
The Mobile Application and Services contain links to other resources that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other resources or third parties. We encourage you to be aware when you leave the Mobile Application and Services and to read the privacy statements of each and every resource that may collect Personal Information.
We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and the Mobile Application and Services cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third party, despite best efforts.
In the event we become aware that the security of the Mobile Application and Services has been compromised or users Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice in the Mobile Application.
Changes and amendments
We reserve the right to modify this Policy or its terms relating to the Mobile Application and Services from time to time in our discretion and will notify you of any material changes to the way in which we treat Personal Information. When we do, we will revise the updated date at the bottom of this page. We may also provide notice to you in other ways in our discretion, such as through contact information you have provided. Any updated version of this Policy will be effective immediately upon the posting of the revised Policy unless otherwise specified. Your continued use of the Mobile Application and Services after the effective date of the revised Policy (or such other act specified at that time) will constitute your consent to those changes. However, we will not, without your consent, use your Personal Information in a manner materially different than what was stated at the time your Personal Information was collected.
Acceptance of this policy
You acknowledge that you have read this Policy and agree to all its terms and conditions. By accessing and using the Mobile Application and Services you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorized to access or use the Mobile Application and Services.
If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may send an email to firstname.lastname@example.org
This document was last updated on 7 November 2020.