a. We may amend this Policy from time to time to keep pace with new developments, offer you better services and stay in line with prevailing legislation. The updated Policy can be found on this page. Any material changes to this Policy will be communicated to our users by a notification to their account and/or by posting a notice of the change on this page. It is also your responsibility to ensure that you keep up to date with any changes to this Policy.

a. We are a company based in Singapore.

b. We are the provider of the Platform which is intended for use by you as our user. This means that in most cases:

1. We collect, process and store personal information on your behalf as a data processor/data intermediary.
2. You are the controller of the personal information we process and how we use it.

a. The type of information we collect will depend on the scope of our services and/or aspects of our Platform which you have chosen to use.‍

b. Information of our users. In most cases, we collect and process information that you provide to us or to which you have granted us access.

1. These include: Your contact information when you register for an account. Such information includes but is not limited to the following:
   • Name;
   • Email Address;
   • Phone Number; and
   • Address.,
2. Your financial information such as your bank account details, credit card accounts, payment accounts and transaction history.
3. Your marketing preferences.‍

c. Information that we collect automatically. When you use or interact with the Platform, we automatically collect or receive certain non-personally identifiable information through our system and other technologies (e.g., cookies) about your use of the Platform. Such information include:

1. Device data about your computer or other device used to access the Platform. Device data may include information such as your IP address, device type, and browser type.
2. Log files from requests for diagnostic and auditing purposes. These may contain information about what was accessed and from which IP addresses.
3. Location data relating to your device.‍

d. Cookies. We currently only use functional cookies which are necessary for the Platform to work properly. If you delete the functional cookies, the Platform may not work properly.

a. We use the personal information that we collect for lawful purposes associated with our business and the running of the Platform. We have set out below a description of these purposes:

1. To register you as our user and for the administration of your account.
2. Providing the Platform and its services, including the use of analytics to generate data insights (e.g., your financial profile, purchase profile, product profile etc.) required to deliver services of the Platform to you.
3. To provide the products and services that you request.
4. Communicating with you about the Platform, such as the sending of service and other notifications, such as changes to our Terms and Conditions of Service (available at www.dobin.io) ("Terms") and other policies.
5. Performing our obligations and enforcing our Terms and other policies.
6. Developing and improving the Platform.
7. For our business purposes, such as data analysis, audits, fraud monitoring and prevention, record-keeping, developing new services and features, improving or modifying our services, identifying usage trends and other business activities in reliance on our legitimate interests.
8. Complying with our legal obligations under the applicable law.

b. We may use your personal information for the purposes of marketing our services and those of our strategic partners and business associates (e.g., informing you of our latest offers and promotions). We may also send you newsletters and other advertising and promotional material which we believe would be of interest to you. If you do not wish to receive such marketing material from us, you may choose to be removed from our mailing list by using the 'unsubscribe' function that we provide in our communications or on the Platform.

c. You are under no obligation to provide personal information to us. However, if you choose to withhold the requested personal information, you may not be able to use certain aspects or services of the Platform.

a. We may share your personal information with:

1. Our business partners for the purposes of your applications with them (e.g., for loans, cashback, credit cards, etc.).
2. Our affiliates and third party service providers who perform certain functions on our behalf and assist us in providing services such as bank account electronic access, hosting, storage and maintenance services, analysis services, e-mail messaging services, handling of payment transactions, marketing services.
3. Parties involved in a transaction involving the purchase, sale, lease, merger or amalgamation or any other acquisition, disposal or financing of our business.
4. Other parties if required to do so by law or if we believe that such disclosure is is necessary to prevent fraud or crime or to protect the Platform or the rights, property or personal safety of any person.
5. Any other person provided you have given consent to the disclosure.

a. The Application is provided and hosted in Singapore. In order to operate and/or provide you with our services and to carry out the purposes set out in this Policy or as otherwise informed, your personal information may be transferred to, stored, and processed by us and by our third party service providers with whom we may share your personal information, in Singapore and other locations outside of Singapore. These locations may have data protection laws which are different to the laws of your country.

b. You fully understand and unambiguously consent to the transfer of your personal information to locations outside of Singapore (or to locations outside of where you are based) for the purposes set out in this Policy. Please be assured that regardless of where your personal information is located, we will treat your personal information in accordance with what is required under applicable law, such as the Singapore Personal Data Protection Act 2012, and we will ensure that all recipients / data processors are either in a jurisdiction which has comparable data protection laws or are contractually bound to protect your personal data.

a. We will process and store your personal information for no longer than necessary. When your personal information is no longer necessary for legal or regulatory needs, to administer your account or deliver the services which you have contracted with us, we will take reasonable steps to securely remove the information from our system.

a. We take the security of your personal information seriously. To safeguard your personal information against unauthorised access, collection, use, disclosure and modification and other similar risks, we have implemented appropriate and robust administrative, physical and technical measures to protect all personal information in our possession.‍

b. While we will make every effort to ensure that our system is as secure as possible, no electronic transmission over the Internet or information storage technology is 100 percent secure against cyber threats. In this respect, it is your responsibility and you are strongly encouraged to take the following steps:

1. Take steps to secure your devices.
2. That you make full use all of the tools we provide to secure your account, such as 2 factor authentication, and encryption.
3. Use a secure password and maintain the confidentiality of your password.

a. You have the right to access, review, change and/or delete personal information associated with your account, and/or to opt out of receiving marketing communications from us. All of these can be done through the functions that we have made available on the Platform.

b. If you have any questions about your rights or this Policy, please contact our data protection officer at dpo@dobin.io. We take each request seriously and will comply with your request to the extent required by applicable law. If you have not received a satisfactory response from us, you may consult with the data protection authority in your country.