OFX Singapore PTE. Limited
Privacy Principles Purpose
1. These Privacy Principles describe how we collect, use and disclose your Personal Data.
(a) to undertake associated business processes and functions;
(b) for administration, planning and account management;
(c) to identify you as our Customer;
(d) to monitor, develop and improve the quality of our services;
(e) to send you information that is relevant to the provision of our services;
(f) to answer or process your enquiries or complaints, and provide information or advice;
(g) to comply with any law, rule or regulation (for example, in Singapore the Anti-Money Laundering and
Counter Financing of Terrorism Regulations (“AML/CFT Regulations”)) or binding determination, or to cooperate with any governmental authority; and
(h) any other purpose disclosed to you at the time we collect your Personal Data.
3. We are always willing to explain to you more specifically the purposes for which your Personal Data is being collected.
4. We will seek your consent to the collection, use or disclosure of your Personal Data either expressly or impliedly, depending on the circumstances and the type of information collected. For example, we will rely on your implied or deemed consent when you enter into the Customer Agreement or give us your name, address, telephone number and other details necessary for us to verify your identity in accordance with the provisions of the Customer Agreement.
5. Your consent may also be given by an authorised representative or a person having Power of Attorney.
7. You may withdraw your consent at any time, subject to any legal restrictions and subject to any contractual restrictions you have already entered into with us, and provided that you give us reasonable notice in writing. We will explain to you the implications of such withdrawal. You acknowledge that we may be unable to initiate or continue to provide services to you, or administer any contractual relationship(s) in place upon the withdrawal of your consent. Such withdrawal may therefore result in the termination of any accounts, agreements and/or contractual relationship(s) you may have with us. All our legal rights and remedies are expressly reserved in such termination and any subsequent event.
8. We may from time to time send you information that is relevant to the provision of our services. If, at any time, you do not wish to receive that information, you may send us an email, telephone and/or postal opt-out and request that you are not included in any future mail-outs.
9. There may be circumstances in which we are obliged to collect, use, or disclose certain Personal Data without your consent. Such circumstances could include the following:
(a) the collection, use or disclosure is necessary to respond to an emergency that threatens your life, health or safety or that of another individual;
(b) the collection, use or disclosure is necessary for
any investigation or proceedings, and it is reasonable to expect that seeking your consent for collection would compromise the availability or the accuracy of the Personal Data;
(c) the Personal Data is collected, used or disclosed by us
to recover a debt owed to us by you or for us to pay to you a debt owed by us; or
(d) the Personal Data is disclosed to any officer of a prescribed law enforcement agency.
Limiting Collection and Retention of Personal Data
10. The amount and type of Personal Data collected by us will be limited to that which is necessary to provide our services (or fulfill the purpose for which it was collected). The Personal Data shall be retained only for as long as may be necessary for the fulfilment of the purpose for which the Personal Data is collected, or as required or permitted by applicable laws, rules and regulations.
11. You acknowledge that we are obliged under relevant AML/CFT Regulations to retain information relating to personal identity for at least 5 years.
12. Subject to any legislative requirements, we will destroy, erase, or make anonymous your Personal Data as soon as it is reasonable to assume that it is no longer required to fulfil the purpose for which it has been collected, and retention is no longer necessary for legal or business purposes.
Accuracy and Completeness of Personal Data
13. We will make reasonable efforts to ensure that your Personal Data is sufficiently accurate, complete and up-to-date to minimise the possibility that inappropriate information maybe used to make a decision about you, or is likely to be disclosed by us to another organisation.
14. We will not routinely update your Personal Data unless such a process is necessary to fulfil the purposes for which the Personal Data was collected or otherwise as required by law. In accordance with the Customer Agreement, you must notify us as soon as possible if any of the Personal Data you have provided to us has changed.
15. When registering or creating an account at our website, we collect your password and login name and other information we may request in order to identify you, maintain security of our website and verify and control access to your account or online profile. Such information will also constitute Personal Data for the purposes of this policy. If you make inquiries through the e-mail links, forms or other contact methods provided on our websites, these inquiries are forwarded to the relevant office or department and are used to respond to your inquiry and maintain a record of correspondence.
16. We use Internet technologies like cookies and web beacons to facilitate the services we provide on our websites and your use of our websites, including for the following reasons:
(a) To assist us in providing services to you.
(b) To allow you to change web pages during your visit without having to re-enter your password.
(c) To store your preferences and other information and to track activity on our website.
(d) To better understand the effectiveness of our promotional campaigns.
(e) To determine whether you came to our site from a banner ad or an affiliate website.
(f) To deliver information specific to your interests on additional web sites.(g) To determine whether you’ve acted on our promotional messages.NOTE: A “cookie” is a text file placed on your computer’s hard drive by a web server, which allows for personalisation of certain aspects of your visit to that website. “Web beacons” are transparent electronic images placed in the web code that collect non-personal data while visiting a website. Cookies and web beacons can usually be disabled by changing your browser preferences. Your browser usually has documentation on how to disable cookies and web beacons. Note that disabling cookies may limit the performance of OFX’s websites. If cookies are disabled, certain features of our websites may not function properly, and you may not be able to register or use your online account.
Disclosure to Affiliates and Third Parties
(a) in the event that we sell or buy any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business assets;
(b) if OFX, or substantially all of its assets, are acquired by a third party, in which case Personal Data held by us about our customers will be one of the transferred assets;
(c) to OFX’s contractors or service providers for the purposes of conducting its business and providing its services or products to you, including web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
(d) to OFX’s intermediary banks in order to process certain transactions on your behalf, for example, by disclosing your name and address;
(e) to any partners, agents or intermediaries who are a necessary part of the provision of OFX’s products and services;
(f) to credit reporting bodies if you are a Customer of OFX for the purpose of identifying you, in which case the information will be limited to your identity particulars, including your name, sex, address (and the previous two addresses), date of birth, name of employer, and drivers licence number;
(g) to any government regulatory bodies that normally require it or may request it;
(h) in order for OFX to satisfy its regulatory obligations under relevant AML/CFT Regulations, for example in order to satisfy the obligation that OFX take reasonable steps to verify the identity of its customers, OFX may disclose your Personal Data to its external credit providers; and
(i) as may be required under any other law.
20. Our website is not directed at children under the age of 18. We will not knowingly collect or maintain Personal Data on our website from those we actually know are under the age of 18.
21. Our website may be linked to or from third party websites. These links are provided as a convenience only. We are not responsible for the content or privacy principles of websites that are linked to or from our website. You are advised to review the privacy policies of any third-party websites you visit.
Safeguards for Personal Data
22. We have in place a range of security safeguards to protect your Personal Data against loss or theft, as well as unauthorised access, disclosure, copying, use, or modification, regardless of the format in which it is held.
23. The methods of protection we employ may depend on the sensitivity of the Personal Data and the format in which it is contained. Security measures include: technological measures including SSL 128-bit encryption for all data transfers over the Internet, physical measures such as locked filing cabinets and restricted access to offices and strategic measures such as security clearances and limiting access to a “need-to-know” basis.
24. We make every effort to ensure that our staff are aware of the importance of maintaining the confidentiality of Personal Data, however you acknowledge that authorised employees, agents, representatives and third parties may require access to your Personal Data in order to enable us to provide our service and we cannot accept responsibility for any unauthorised activities on their part.
25. You acknowledge that no data transmission over the internet or the telephone can be guaranteed to be perfectly secure. Any Personal Data you submit to us or access electronically or over the telephone is done at your own risk. We do not guarantee or warrant the security of Personal Data transmitted in these ways. You acknowledge that third parties could unlawfully intercept your transmissions or may wrongly instruct you to disclose Personal Data while posing as OFX representatives.
Access and Correction of Personal Data
26. We will upon request and within 10 days of any such request allow you access to your Personal Data. The requested information shall be provided or made available in a form that is generally understandable. Please note that the law allows us to charge a reasonable administrative fee for providing you access to your Personal Data.
27. If you point out to us that any Personal Data held by us is inaccurate or incomplete, we will take appropriate action to amend the Personal Data as required and, if necessary, notify any third party of the correction.
28. You acknowledge that there may be circumstances in which we may refuse access to some or all of your Personal Data, including where the information may contain references to other individuals or where it is trivial or frivolous and vexatious.
29. We have procedures in place to receive and respond to complaints or inquiries about our policies and practices relating to the handling of Personal Data. For more information, see our
30. We take all complaints seriously and will investigate all complaints.
Singapore Land Tower 50 Raffles Place