Data Protection Policy
Updated at 9th February 2022
Fort One Technologies Pte Ltd (UEN: 20212158N) (“Cyber Sierra”, “we,” “our,” or “us”), the owner and operator of this Website, is committed to protecting your personal data (as defined below), to the extent we collect, use and control your personal data. This Data Protection Policy (“Policy”) explains how your personal data is collected, used, and disclosed by Cyber Sierra.
To the extent the General Data Protection Regulation (“GDPR”) or the California Consumer Privacy Act (“CCPA”) applies to you, please refer to paragraphs 21 and 22 respectively.
This Policy applies to our Website and our Products and Services. By accessing or using our Website and/or Products or Services, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal data as described in this Policy.
This Policy is incorporated into and forms part of the Cyber Sierra Terms and Conditions, which govern the use of our Website, Products and Services, are legally binding on you and which you may review here: Terms and Conditions.
1. Definitions and key terms
In this Policy:
-“Cookie” means a small amount of data generated by a website and saved by your web browser. It is used to identify your browser, provide analytics, and remember information about you such as your language preference or login information.
-"Corporate Affiliate" means any person or entity which directly or indirectly controls, is controlled by or is under common control with Cyber Sierra, whether by way of ownership or otherwise.
-“device” means any internet connected device such as a phone, tablet, computer or any other device that can be used to visit this Website and/or use any digital product or service offered by Cyber Sierra, whether via this Website or otherwise.
-IP address means every device connected to the Internet is assigned a number known as an Internet protocol (IP) address. These numbers are usually assigned in geographic blocks. An IP address can often be used to identify the location from which a device is connecting to the Internet.
-“personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
-“Product(s)” refers to any product(s) offered by Cyber Sierra or mentioned on this Website.
-“Service(s)” refers to any service(s) offered by Cyber Sierra or mentioned on this Website.
-”Website” means this Cyber Sierra site, which can be accessed via this URL: www.cybersierra.co and all sub-domains thereunder.
-“You” or “Your” refers both to you, the user of this Website or any Products or Services as an individual or if applicable, to the entity you represent.
2. When is your personal data collected?
Cyber Sierra will collect personal data that you submit to us, or which you consent to us collecting. We may also receive personal data about you from third parties as described below.
3. What Personal Data Do We Collect from You?
We collect personal data from you when you visit, use or register on our Website, our Products or Services or software apps, place an order, subscribe to our newsletter (if any), respond to a survey, enter a promotional or marketing event or contest, apply for a job or to supply services as an independent contractor or fill out a form. These include:
Name / Username
The IP address(es) of the device(s) you use.
4. How Do We Use the Personal Data We Collect?
Any of the personal data we collect from you may be used for any one or all of the following purposes:
performing obligations in the course of or in connection with our provision of the products and/or services requested by you;
to personalize your experience when using our website, or Products or Services (your information helps us to better respond to your individual needs);
verifying your identity; responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
managing your relationship with us; processing payment or credit transactions; sending you marketing information about our products or services including notifying you of our marketing events, initiatives and promotions, lucky draws, membership and rewards schemes and other promotions;
complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority; any other purposes for which you have provided the information;
storing or creating backups of the data on the cloud (which, due to the nature of cloud storage solutions, may require the data to be transferred outside of Singapore) or physical servers; transmitting to any unaffiliated third parties including our third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and(k) any other incidental business purposes related to or in connection with the above.
5. When does Cyber Sierra collect your personal data from third parties?
Cyber Sierra will collect your personal data as necessary to provide our Products or Services to you.You may voluntarily provide us with personal data you have made available on social media websites. If you provide us with any such personal data, we may collect publicly available information from the social media websites you have indicated. You can control how much of your personal data social media websites make public by visiting these websites and changing your privacy settings.
6. When does Cyber Sierra use personal data collected from third parties?
We receive some personal data from third parties when you contact us. For example, when you submit your email address to us to show interest in becoming a Cyber Sierra customer, we receive personal data from a third party that provides automated fraud detection services to Cyber Sierra. With your consent, we also occasionally collect personal data that is made publicly available on social media websites.
7. Do we share the personal data we collect with third parties?
We may share the personal data that we collect with third parties such as advertisers, contest sponsors, promotional and marketing partners, and others who provide our content or whose products or services we think may interest you. We may also share it with our current and future affiliated companies and business partners, and if we are involved in a merger, asset sale or other business reorganization, we may also share or transfer your personal data to our successors-in-interest.
We may engage trusted third-party service providers to perform functions and provide services to us, such as hosting and maintaining our servers, this Website, our Products and Services and other software apps, database storage and management, e-mail management, storage marketing, credit card processing, customer service and fulfilling orders for Products and Services you may purchase. We will likely share your personal data with these third parties to enable them to perform these services for us and for you.
We may share portions of our log file data, including IP addresses, for analytics purposes with third parties such as web analytics partners, application developers, and ad networks. If your IP address is shared, it may be used to estimate general location and other technographics such as connection speed, whether you have visited this Website, our Products or Services or other software apps in a shared location, and the type of device used to visit this Website, our Products or Services or other software apps. They may aggregate information about our advertising and what you see on this Website, our Products or Services or other software apps and then provide auditing, research and reporting for us and our advertisers.
We may also disclose personal data about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate in order to respond to claims, legal process (including subpoenas), to protect our rights and interests or those of a third party, the safety of the public or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to otherwise comply with applicable court orders, laws, rules and regulations.
8.How Do We Use Your Email Address?
By submitting your email address on this Website, our Products or Services or software apps, you agree to receive emails from us. You can cancel your participation in any of these email lists at any time by clicking on the opt-out link or other unsubscribe option that is included in the respective email. We only send emails to people who have authorized us to contact them, either directly, or through a third party. We do not send unsolicited commercial emails, because we hate spam as much as you do. By submitting your email address, you also agree to allow us to use your email address for customer audience targeting on sites like Facebook, where we display custom advertising to specific people who have opted-in to receive communications from us. Email addresses submitted only through an order processing page will be used for the sole purpose of sending you information and updates pertaining to your order. If, however, you have provided the same email to us through another method, we may use it for any of the purposes stated in this Policy.
9. How Long Do We Keep Your Personal Data?
We keep your personal data only so long as we need it to provide our Products or Services to you, fulfill the purposes described in this Policy, and comply with our legal and regulatory obligations to maintain business and/or financial records. We will use reasonable efforts to ensure that this is also the case for anyone that we share your information with and who carries out services on our behalf. When we no longer need to use your personal data and there is no need for us to keep it to comply with our legal or regulatory obligations, we’ll either remove it from our systems or anonymize it so that you cannot be identified from the data.
10. How Do We Protect Your Personal Data?
We, or 3rd parties we work with, implement a variety of security measures to maintain the safety of your personal data when you place an order or enter, submit, or access your personal data. We use a secure server. When payments are processed, all payment or credit information provided by you is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment processing service providers’ database(s) which are only accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. Your private information (such as credit card information) is never kept by Cyber Sierra. We cannot, however, ensure or warrant the absolute security of any information you transmit via Cyber Sierra’s payment processing service provider(s) or guarantee that such information may not be accessed, disclosed, altered, or destroyed by a breach of any physical, technical, or managerial safeguards implemented by Cyber Sierra and/or our payment processing service providers.
11. Could my personal data be transferred to other countries?
Cyber Sierra is incorporated in Singapore. Information collected via our Website, Products or Services or through direct interactions with you, or from use of our help services may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data. When transferred outside of Singapore, we will take reasonable steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the Personal Data Protection Act of Singapore.
12. Is the personal data collected secure?
We take precautions to protect the security of your personal data. We have physical, electronic, and managerial procedures to help safeguard, prevent unauthorized access, maintain data security, and correctly use your information. However, neither people nor security systems are foolproof, including encryption systems. Therefore, while we use reasonable efforts to protect your personal data, we cannot guarantee its absolute security.
13. Can I update or correct my personal data?
You have the right to withdraw your consent to our collection, use or disclosure of your personal data, or request the restriction of certain uses and disclosures of personal data. You can contact us in order to (1) update or correct your personal data, (2) change your preferences with respect to communications and other information you receive from us, or (3) delete the personal data maintained about you on our systems (subject to the following paragraph), by cancelling your account.
Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.
You should be aware that it is not technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your information may exist in a non-erasable form that will be difficult or impossible for us to locate. Promptly after receiving your request, all personal data stored in databases we actively use, and other readily searchable media will be updated, corrected, changed or deleted, as appropriate, as soon as and to the extent reasonably and technically practicable.
14. Sale of Business
We reserve the right to transfer your personal data to any third party in the event of a sale, merger, re-organisation or transfer of any of the assets of Cyber Sierra or any of its Corporate Affiliates, or in the event that we discontinue our business or file a petition or have filed against us a petition for liquidation, winding-up, dissolution, reorganization or similar proceeding, provided that any such third party agrees to comply with this Policy.
We may disclose information (including personal data) about you to our Corporate Affiliates. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Policy.
16. Young Persons’ Privacy
We do not market to or address anyone under the age of 18. We do not knowingly collect personal data from anyone under the age of 18. If any parent or guardian is aware that a child has provided Cyber Sierra with personal data, please contact us. If we become aware that we have collected personal data from anyone under the age of 18 without verification of parental consent, we will take steps to remove that information from our servers.
18. Changes to Our Data Protection Policy
We may change our Website, Products and Services and policies, and we may need to make changes to this Policy so that they accurately reflect our Website, Products and Services and policies. Unless otherwise required by law, we will notify you (for example, through our Website, Products or Services) when we make changes to this Policy. Then, if you continue to use our Website, Products or Services, you will be bound by the updated Policy. If you do not want to agree to this or any updated Policy, you can stop using our Website, Products and Services and, if applicable, delete your account.
19. Tracking Technologies
You may also set your browser to block cookies and similar technologies, but this action may block our essential cookies and prevent our Website, Products or Services from functioning properly, and you may not be able to fully utilize all of its features and services. You should also be aware that you may also lose some saved information (e.g. saved login details, site preferences) if you block cookies on your browser. Different browsers make different controls available to you. Disabling a cookie or category of cookie does not delete the cookie from your browser, you will need to do this yourself from within your browser, you should visit your browser's help menu for more information.
Local Storage sometimes known as DOM storage provides web apps with methods and protocols for storing client-side data. Web storage supports persistent data storage, similar to cookies but with a greatly enhanced capacity and no information stored in the HTTP request header.
Cyber Sierra uses "Sessions" to identify the areas of our Website that you have visited. A Session is a small piece of data stored on your computer or mobile device by your web browser.
21. Information about General Data Protection Regulation (GDPR)
We may be collecting and using information from you if you are from the European Economic Area (EEA), and in this section of our Policy we are going to explain exactly how and why is this data collected, and how we maintain this data under protection from being replicated or used in the wrong way.
What is GDPR?
GDPR is an EU-wide privacy and data protection law that regulates how EU residents' data is protected by companies and enhances the control EU residents have over their personal data.
The GDPR is relevant to any globally operating company and not just the EU-based businesses and EU residents. Our customers’ data is important irrespective of where they are located, which is why we have implemented GDPR controls as our baseline standard for all our operations worldwide.
What is personal data?
Under the GDPR, personal data is any data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data extends beyond a person’s name or email address. Some examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical address, sexual orientation, and ethnicity.
The Data Protection Principles include requirements such as:
-Personal data collected must be processed in a fair, legal, and transparent way and should only be used in a way that a person would reasonably expect.
-Personal data should only be collected to fulfil a specific purpose and it should only be used for that purpose. Organizations must specify why they need the personal data when they collect it.
-Personal data should be held no longer than necessary to fulfil its purpose.
-People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data, and that their data be updated, deleted, restricted, or moved to another organization.
Why is GDPR important?
GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. At Cyber Sierra we strongly believe that your data privacy is very important and we already have solid security and privacy practices in place that go beyond the requirements of this new regulation.
Individual Data Subject's Rights - Data Access, Portability and Deletion
We are committed to meeting the data subject rights requirements of GDPR. Cyber Sierra processes or stores all personal data with fully vetted vendors which comply with the requirements of the GDPR. We do store all conversation and personal data for up to 6 years unless your account is deleted. In which case, we dispose of all data in accordance with our Policy, but we will not hold it longer than 60 days.
We also provide you with the ability to access, update, retrieve and remove your personal data.
The California Consumer Privacy Act (CCPA) requires us to disclose categories of personal data we collect and how we use it, the categories of sources from whom we collect personal data, and the third parties with whom we share it, which we have explained above.
We are also required to communicate information about rights California residents have under California law. If you are a resident of California, you may exercise the following rights:
-Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of personal data we collect, use, or share; (2) purposes for which categories of personal data are collected or used by us; (3) categories of sources from which we collect personal data; and (4) specific pieces of personal data we have collected about you.
-Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
-Right to Delete. You may submit a verifiable request to close your account and we will delete personal data about you that we have collected.
-Request that a business that sells a consumer's personal data, not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
We do not sell the personal data of our users.
For more information about these rights, please contact us.
To exercise any of your above rights, you can also contact our Data Protection Officer using the following contacts: