Privacy policy

1.Applicability of privacy policy

Big Hippo Pte. Ltd.(“ the Company”) respects your privacy and are committed to protect personal data you may provide us with through our Website(“www.hippo.sg”) We have adopted this Privacy Policy to explain what information may be collected on our websites, how we use this information, and under what circumstances we may disclose the information to third parties.

This Privacy Policy applies to our processing of personal data in relation to the provision of any of our services, including:

• When you submit an application thru our websites;
• When you engage our services;
• as a result of your relationship with one or more of our clients;
• when you use our websites and services

Your personal data will be held by us in accordance with usage in compliance with the Personal Data Protection Act 2012 (No. 26 of 2012) of Singapore (“PDPA”), which applies in the Republic of Singapore (“SG”).

Please read this Privacy Policy to understand how we will collect and use your personal data and the rights you have in relation to your personal data.

By visiting our websites, and using our products and services, you acknowledge the terms of this Privacy Policy and the use and disclosure of your personal data as set out in this Privacy Policy.

2. How we collect your personal data

We generally collect your personal data directly from you when you are one of our customers. When you submit an application with us via our websites, you will be asked to provide personal data. This information is likely to include [your name, phone numbers, a physical address and an email address] (this is not an exhaustive list).

We may also collect personal data from you when you make financial transactions or otherwise interact with us, for example by [contacting our customer service personnel or] reporting a problem on our websites.

The categories and range of personal data we collect and hold will vary from customer to customer. However, our policy is to collect only the personal data necessary for the particular service.

When you use our online services or visit our websites or, we may collect the following information from you directly and/or automatically;

• information you provide to us if you contact us, for example to report a problem with our online services or raise a query or comment; and
• details of visits made to our websites such as the volume of traffic received, logs (including, the internet protocol (IP) address and location of the device connecting to the online services and other identifiers about the device and the nature of the visit) and the resources accessed.

3. TYPES OF PERSONAL DATA COLLECTED BY US

Information about you collected by us may include

• your full name, email address, date of birth, identity card/passport details, phone number when you submit an application via our website.
• information about your interactions with us, including monitoring, noting, emails or letters or other records of any contact between you and us
• your account information or details including passwords or challenge questions and answers.
• information on your access or use of our products, services, information, content or features
• information associated with managing requests, queries and complaints
• marketing and other preferences, likes or interests based on what you specify to us including contact method and preferred products, services, information, content or features
• information from other organisations including fraud-prevention agencies, business directories, credit reference agencies or individuals we believe you have authorised to provide your personal details on your behalf
• information from social network/media or other platforms or providers to access or use any of our websites, webpages, products, services, information, content or features

4. WHY WE COLLECT YOUR PERSONAL DATA

We collect, use, share or otherwise process your personal data for the following non-exhaustive list of purposes:

Providing our services

We provide a diverse range of services. Some of our services require us to process personal data in order to provide advice and deliverables and to carry out our obligations arising from our contracts with you. We may also process your data in order to carry out anti-money laundering and “Know Your Customer” (KYC) checks in accordance with applicable legal and regulatory obligations.

If you are a user of our websites and have provided us with your email address, we may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with our products and services. We primarily use our blog to communicate this type of information, so we expect to keep this type of email to a minimum. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users.

Administering, managing and developing our businesses and services

We process personal data in order to run our business, including:

• managing our relationship with customers;
• developing our businesses and services (such as identifying customer needs and improvements in service delivery);
• promoting our goods and services;
• maintaining our own accounts and records;
• maintaining and using IT systems;
• hosting or facilitating the hosting of events; and
• administering and managing our websites, systems.

Complying with any requirement of law, regulation or a professional body of which we are a member

As with any provider of our services, we may be subject to legal and regulatory obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.

Improving our services

We are continually looking for ways to help our clients and improve our business and services.  Where agreed with our clients, we may use information that we receive in the course of providing our services for other lawful purposes, including improving our business, service delivery and offerings and to develop new technologies and offerings. To the extent that the information we receive in the course of providing services contains personal data, we will de-identify the data prior to using the information for these purposes.

Aggregated Statistics

We may collect statistics about the behaviour of visitors to our websites. We may display this information publicly or provide it to others but none of such information contain personal data.

Legal basis for processing your personal data

For processing (which includes collecting, using and disclosing) of personal data not governed by PDPA, the legal basis for processing your personal data is either (i) your consent; (ii) one of the consent exceptions (e.g. contract necessity); or (iii) you have been notified of the purposes of processing your personal data before we collect your personal data.

For processing of personal data governed by PDPA, the legal basis for processing your personal data for different purposes are set out below:

We may contact you for the above purposes by telephone call, email, text or SMS messaging, post and other means.

We will not use your personal data for purposes other than what we have informed you, or which are permitted under applicable laws and regulations.

5. LEGAL BASIS FOR USING YOUR PERSONAL DATA UNDER PDPA

This section is applicable to processing of personal data governed by PDPA only. We have set these out below.

Where using your data is in our legitimate interests

We are allowed to use your personal data where it is in our interests to do so, and those interests aren’t outweighed by any potential prejudice to you.

We believe that our use of your personal data is within a number of our legitimate interests, including but not limited to:

• To enable us to provide our services to our customers;
• To help us satisfy our legal obligations (for example, in relation to prevention of money laundering and anti-terrorism);
• To help us understand our customers better and provide better, more relevant services to them;
• To help us keep our systems and physical premises secure and prevent unauthorized access or cyber attacks.

We do not think that any of the activities set out in this privacy policy will prejudice you in any way. However, you do have the right to object to us processing your personal data on this basis.

Where you give us your consent to use your personal data

We are allowed to use your data where you have specifically consented. In order for your consent to be valid:

• It has to be given freely, without us putting you under any type of pressure;
• You have to know what you are consenting to – so we’ll make sure we give you enough information;
• You should only be asked to consent to one thing at a time.

As part of our relationship with you, we may ask you for specific consents to allow us to use your data in certain ways. If we require your consent, we will provide you with sufficient information so that you can decide whether or not you wish to consent.

You have the right to withdraw your consent at any time thru written notice to us

Where using your personal data is necessary for us to carry out our obligations under our contract with you

We are allowed to use your personal data when it is necessary to do so for the performance of our contract with you.

For example, we need to collect your contact details in order to be able to communicate with you and provide you with some of the services you have requested.

Where processing is necessary for us to carry out our legal obligations

As well as our obligations to you under any contract, we also have other legal obligations that we need to comply with and we are allowed to use your personal data when we need to in order to comply with those other legal obligations.

For example, we are required to carry out anti-money laundering checks about our customers and we need to collect and use certain information about them in order to do so.

6. WHO DO WE SHARE YOUR DATA WITH?

We may share your personal data with the following categories of recipients:

Related Entities

Your personal data will be used by us and disclosed to Big Hippo Pte. Ltd. and all of its subsidiaries.

Regulatory bodies

We may disclose your personal data:

• to regulators and law enforcement agencies (including those responsible for enforcing anti-money laundering legislations);
• in response to an enquiry from a government agency;
• to data protection regulatory authorities;
• to financial services regulatory authorities; and
• to other regulatory authorities with jurisdiction over our activities.

Our service providers, contractors and affiliated organisations

We disclose potentially personal data only to our service providers, contractors, and affiliated organizations that (i) need to know that information to process it on our behalf or to provide services available at our websites and (ii) that have agreed not to disclose the personal data to others.

We may disclose your personal data to third party service providers who require access to such information for the purpose of providing specific services to us. These third parties will only be able to access your personal data to provide us with their services and will not be able to use it for their own purposes.

Professional advisors and Auditors

We may disclose your personal data to professional advisors (such as legal advisors and accountants) or auditors for the purpose of providing professional services to us.

Courts or governments

We may disclose personal data in response to a subpoena, court order or other governmental request.

7. Access to, Updating of Your Personal Information

Subject to the exceptions referred to in section 21(2) of PDPA, you have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please send us an email to Support@Hippo.sg.

We want to ensure that your Personal Information is accurate and up to date, if there is a change of your personal details, emails for example, please send us an email to support@hippo.sg to get it updated.

8. COOKIES

To enrich and perfect your online experience, we use cookies, or similar technologies and services provided by others to display personalised content, appropriate advertising, and store your preferences on your computer.

Non-personal identifying information

We collect non-personal identifying information on our websites, such as the browser type, language preference, referring site, and the date and time of each visitor request.  The purpose for collecting non-personal identifying information is to better understand how our website visitors use our website.

Website cookies

Cookies are small data files sent by a website to your computer that are stored on your hard drive when you visit certain online pages of our website. We use cookies to identify and track visitors to our websites, their usage of https://www.hippo.sg/  and their website access preferences.

Cookies allow the website to identify and interact with your computer (for example so we can remember your login details if you have opted to ‘stay signed in’). We do not use cookies to retrieve information that was not originally sent by us to you in a cookie.

You can set your browser to accept or reject all cookies or notify you when a cookie is sent. If you reject cookies or delete our cookies, you may still use our websites, but you may have reduced functionality and access to certain areas of our websites or your account. Visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using our websites, with the drawback that certain features of our websites may not function properly without the aid of cookies.

cookies

Our website may use third party code and libraries that use “cookies” to collect information and improve their services. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of our website.

Acceptance of cookies

By continuing to use our websites without changing your cookie settings, you hereby acknowledge and agree to our continued use of cookies on our website.

9. security

We take all measures reasonably necessary to protect your personal data from misuse, interference and loss, and unauthorised access, modification, alternation, disclosure or destruction.

This includes, for example, the protection of passwords using industry standard encryption, measures to preserve system security and prevent unauthorised access and back-up systems to prevent accidental or malicious loss of data. We may use third party data storage providers to store personal data electronically. We take reasonable steps to ensure this information is held as securely as information stored on our own equipment.

Unfortunately, there is always risk involved in sending information through any channel over the internet. No method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. You send information over the internet entirely at your own risk. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted over the internet and we do not warrant the security of any information, including personal data, which you transmit to us over the internet.

10. Third party websites

Our websites may contain links to other websites not operated by us, [ e.g. Google Play Services and Apple App Store]. The information you provide to us will not be transmitted to other websites, but these other websites may collect personal information about you in accordance with their own privacy notice. We cannot accept any responsibility for the privacy practices or content of those websites.

If you access any of our websites, webpages from any of our third party business partners, we may share information with that platform to the extent permitted by your agreement with that platform and its privacy settings. We are not responsible for the practices or policies of any other person or organisation and recommend that you review their data protection or privacy policies.

11. CHANGES TO THIS POLICY

We reserve the unilateral right to amend or update this Privacy Policy and any of our privacy practices at any time and without prior notice to you. We will notify users by posting any updated policy on this page and such changes will be effective immediately and without further notice. Where appropriate, we may notify you directly of changes to this Privacy Policy either through email or a prominent notice on our website. Your continued use of our websites after any change in this Privacy Policy will constitute your acceptance of such change.

12. CONTACT US

If you have any questions or complaints in relation to this Privacy Policy or our data handling practices, please contact us at:

• Attention: Support
• Email: Support@hippo.sg

We will provide you with reasons if we refuse any request. We may make a reasonable charge for your request in accordance with applicable laws.

13. YOUR ACKNOWLEDGEMENT AND CONSENT

By visiting our website, accessing, or using any Big Hippo Pte. Ltd. products, services, information, content, features, or premises, you acknowledge that you have read and understood this Privacy Policy and you accept the practices and terms as set out in this Privacy Policy.

For purpose of complying with applicable data protection laws and the PDPA (to the extent that consent has been identified as the legal basis for processing your personal data), you also provide your consent for us to collect, use, disclose, share, and otherwise process your personal data in accordance with this Privacy Policy.