Comment on page
Date Last Revised: [23/10/2023]
(a) access or use NINJI Wallet applications (including unhosted mobile device application and browser extension) (collectively, “Applications”) provided on or in connection with Services, as described in our Terms of Service (To insert link) (collectively, the “Services”); and
(b) provide us with your personal data.
When you contact us, we may require that you submit certain forms or provide certain information, including verification of your identity, before we are able to respond.
“Personal data” is data that can be used to identify a natural person. Examples of personal data include name, transactional information based on your activities on our Applications and/or Services, and any other information of a personal nature.
We may collect and process personal data provided directly by you. We also process, insofar as necessary, personal data provided to us by third parties, including publicly accessible data, personal data legitimately provided by other group companies, personal data collected through your use of our (or our service provider’s) digital technologies and services, and personal data provided by other trusted third parties (including our service providers).
You are responsible for ensuring that all personal data that you provide to us is true, accurate and complete. You are responsible for informing us of any changes to your data in writing, so that we may take all reasonable measures to keep our records of your personal data correct and up to date.
When our collection is based on consent, you have the choice, at any time, not to provide your personal data to us or to withdraw your consent previously provided to us. However, do note that if you do so, we may be unable to fulfill the purposes for which we require the personal data, continue to provide Services to you (e.g. processing your transactions), and/or fulfill any contractual relationship which may be in place between us.
Our Applications and/or Services are not intended to be accessed or used by children, minors or persons who are not of legal age. If you are a parent or guardian and you have reason to believe your child or ward has provided us with their personal data without your consent, please contact us.
You may voluntarily give us your personal data by filling in forms on the Applications or by corresponding with us by phone, e-mail or otherwise. This includes personal data you provide when you register on the Applications, use our Services or the services provided by our service providers, or when you report a problem with the Applications. See Clause 1.4 for more information on how we collect your personal data.
Examples of personal data you may provide to us include (depending on the nature of your interaction with us) your name, email address, and any other information relating to any individuals which you have provided to us in any forms submitted to us, or via other forms of interaction with you. See Clause 1.2 for more information on the types of personal data we may collect from you.
With regard to each of your visits to or use of our Applications, we may collect the following information and/or personal data that are relevant to our relationship with you, as well as copies of documents verifying such information:
(a) your financial information, including but not limited to, your transaction history , your investment details, and any other information or documents in order to comply with domestic and international industry standards, government rules and regulations, particularly Anti-Money Laundering (AML) regulations, Know Your Customer (KYC) rules, and Counter-Terrorist Financing (CTF) regulations;
(b) technical information, including but not limited to the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, and information relating to your operating system and platform;
(c) information about your visit and use of our Applications, including but not limited to the full Uniform Resource Locators (URL) clickstream to, through and from our Applications (including date and time), download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page; and
Apart from personal data, we may collect other types of information which are not related to an individual and which are anonymous. For example, the number of website visitors and the number of website users using a particular service.
We may collect your personal data directly or indirectly through various channels, such as:
(a) when you register an account or Wallet with us through our Applications;
(b) when you log in, visit, use, access or download our Applications and Services;
(c) when you authorize us to obtain your personal data from a third party;
(d) when you enter into agreements with us;
(e) when you transact with us, contact us or request that we contact you through various communication channels, for example, through social media platforms, messenger platforms, face-to-face meetings, emails and letters;
(f) when you attend events or functions organized by us;
(g) we seek information about you and receive your personal data in connection with your relationship with us;
(h) when you submit your personal data to us for any other reason;
(i) when you voluntarily complete any user survey or provide feedback to us via emails or any other electronic channels;
(j) through automated data collection technologies upon visiting our Applications; and
Depending on your relationship with us, we may also collect and receive your personal data from third party sources, for example, from:
(a) public databases, public agencies, other public sources, credit bureaus, blockchain data;
(b) third parties whom you have authorised us to obtain your personal data from;
(c) our business partners such as third parties providing services to us (including but not limited to, our ID verification partners, marketing partners, advertising partners, our sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and credit reference agencies); and/or
(d) your family members or friends who provide your personal data to us on your behalf.
We may also receive personal data about you if you use any of the other websites or platforms we operate (or operated by our affiliate or related companies), or other services we (or our affiliate or related companies) provide.
We collect, use, disclose and process your personal data, including data provided by you, data we collect about you and data provided by third parties, in the following ways and upon the following grounds:
(a) for the fulfillment of contractual obligations and/or transactions entered into between you and us, and to provide you with the information, or Services that you request from us;
(b) facilitating the use of our Applications, including verifying, authenticating and/or establishing your identify;
(c) facilitating business asset transactions;
(d) to notify you about changes to our Services;
(e) to comply with any legal or regulatory obligations, applicable laws, regulations, codes of practices, guidelines, industry standards (domestic or global), government requests, or rules (including but not limited to Anti-Money Laundering (AML) regulations, Know Your Customer (KYC) rules, and Counter-Terrorist Financing (CTF) regulations), or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
(f) where it is strictly necessary (i.e. to protect the vital interests of the users or other natural persons, to fulfil the purpose of public interest, or to pursue our reasonable interests);
(g) security purposes, e.g. to monitor and detect suspicious activities, to protect users from fraudulent activities, to protect our Applications, users' accounts, and archives from unauthorised access or usage, to prevent damage to our Applications and systems, and to protect against automated abuse such as spam, and phishing;
(h) communicating with you (through messages, emails, live chats or otherwise) and assisting you with your queries, requests, applications, complaints and feedback;
(i) resolving any disputes or legal claims, investigating any complaint, claim or dispute or any actual or suspected illegal or unlawful conduct;
(j) administrative purposes, including finance, IT and HR purposes, quality assurance and staff training, and compliance with internal policies and procedures, including audit, accounting, risk management and record keeping;
(k) carrying out research and statistical analysis, including development of new products and services or evaluation, and improvement of our existing Services (including but not limited to, gaining better understanding of users' needs and behaviors, diagnosing any problems with our server, and quality assurance);
(l) performing data analytics and related technologies on data, to enable us to deliver relevant content and information to you, and to improve our websites and digital platforms (e.g. ensuring that content from our Applications are presented in the most effective manner for you and for your computer);
(m) managing and engaging third parties, data processors or subcontractors that provide services to us, e.g. IT services, technological services, delivery services, and other professional services (e.g. accountants, lawyers and auditors);
(n) such purposes that may be informed to you when your personal data is collected; and/or
(o) any other reasonable purposes related to the aforesaid.
We may, if necessary or required by law, provide your personal data to law enforcement agencies, regulatory organizations, courts or other public authorities. Where appropriate, we will attempt to notify our customers about legal demands for their personal data. You agree that we may not be able to do so if such notification is prohibited by law or court order, when the request is an emergency, or when the burden or expense of notifying the customers would be unreasonable to us. We may dispute such demands when we believe that the requests are disproportionate, vague or lack proper authority, but we do not promise or undertake to challenge every demand.
In order for us, or for authorized third parties permitted by us, to market or advertise products, events, and/or services that are of specific interest and relevance to you, we may analyze, use, process and/or rely on your personal data provided to us, or data collected from your interactions with us. However, no marketing or advertising, using your personal data in non-aggregated and/or identifiable form would be carried out unless you have provided us with your consent to use your personal data for such marketing or advertising purposes. If you do not want us to use or process your personal data for the purposes of marketing or advertising, you can withdraw your consent at any time by contacting us. You can exercise your right to prevent such use or processing by checking certain boxes on the forms we use to collect your personal data. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS or other means) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you, subject to your consent. If you are a new customer, and where we permit selected third parties to use your data for marketing or advertising purposes, we (or they) will contact you by electronic means only, subject to your consent.
We may also collect, use, disclose and process your personal data for the following purposes to safeguard, support and/or carry out our company’s legitimate business interests such as:
(a) processing of personal data for the purposes of our daily operations including billing and debt collecting;
(b) managing our business and relationship with you (e.g. accurately carrying out and confirming your instructions, or for the purposes of providing you with rebates and other benefits), and providing services to our customers;
(c) assistance of carrying out corporate restructuring plans;
(d) protecting our rights and interests, and those of our customers (e.g. processing of your data for the protection of the company’s legal position in the event of legal proceedings);
(e) processing for the purpose of reporting possible criminal acts (e.g. fraud) or threats to public security to competent authorities;
(f) enforcing our terms and conditions, and obligations owed to us, or protecting ourselves from legal liability;
(g) managing our investor and shareholder relations;
(h) complying with internal policies, procedures, and operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and/or
(i) process or share your personal data to facilitate acquisitions, mergers, or transfers of our business.
The security of your personal data is our top priority. We shall take care in implementing and maintaining the security of our services and Applications, as well as that of your personal data. We employ procedures and policies that incorporate industry best practices to ensure the integrity of your personal data and to prevent instances of unauthorized use.
Please note that it is impossible to fully guarantee the security of your personal data. While we take reasonable steps to safeguard your personal data in our possession or under our control, you agree not to hold us liable or responsible for any loss or damage resulting from any unauthorized or unintended access that is beyond our control (e.g. hacking or cybercrimes), or abuse of your information. We recommend that you take independent safety precautions to protect your personal data, particularly your credential information such as your username and password. You hereby agree that we shall not be liable for any information leakage and other losses not caused intentionally or otherwise by our gross negligence, including, but not limited to, hacker attacks, power interruptions, or unavoidable technical failures. For the avoidance of doubt, we do not make any warranty, guarantee, or representation that your use of our systems or applications is safe and protected from malware, and other vulnerabilities. We also do not guarantee the security of data that you choose to send us electronically. Sending such data is entirely at your own risk.
We will process and store your personal data for as long as it is necessary in order to fulfill the purposes we collected it for, and to satisfy our business, contractual, legal, regulatory and/or statutory obligations (including audit, accounting or reporting purposes). We may thus be required to retain certain information, including personal data or information of users, users' profiles, identification verification materials, information relevant to AML/KYC/CTF procedures, account information, account agreements, and other agreements between us and third parties, account statements, and other records, for an extended period of time.
We will assess and respond to requests to delete personal data and we shall accordingly delete personal data provided that the personal data is no longer required in order to fulfill our business, contractual, legal, regulatory and/or statutory obligations, or the fulfillment of any obligations to preserve records according to applicable laws and regulations.
In general, how long we keep your personal data depends on the nature of the data, e.g. we keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Some information may also be retained for longer e.g. where we are required to do so by law.
In some circumstances we may anonymize and/or aggregate your personal data so that it can no longer be associated with you, in which case we are entitled to retain and use such data without restriction.
Your personal data may be made available, disclosed or shared to our related parties and/or within our group of companies in order to provide our Services or Applications to you, for management and compliance purposes, and to utilize shared group IT functions.
We may share, transfer, disclose, or allow access to your personal data to third parties in connection with the purposes described in Clause 2, including without limitation the purposes described below:
(a) to administer or process a transaction, or services you have authorized or requested, or in the context of facilitating the execution of a transaction;
(b) to facilitate or otherwise enable the sale of tokens (or other products) or any other activity on the Applications which you choose to participate in, including the provision of your personal data to the third party entities to comply with applicable legal, regulatory, compliance or statutory requirements (e.g. AML/KYC/CTF procedures);
(c) to carry out or aid in certain functions during the account opening, updating and/or maintenance process, such as, but not limited to, account processing, surveillance, reconciliation, execution, document retention requirements, and document dissemination;
(d) to process payments which you have authorized (e.g. disclosure to financial institutions that we have partnered with);
(e) to operate and/or improve our Services;
(f) if we are discussing selling or transferring part or all of our business, to a purchaser of our business. The information may be transferred to prospective purchasers under suitable terms as to confidentiality;
(g) if we are reorganised or sold, information may be transferred to a buyer who can continue to provide the Applications and related services to you;
(h) to facilitate account closing where you have a deficient balance, or upon excessive instances where you do not have sufficient funds in your account;
(i) to third parties that provide services to us, such as, but not limited to, data providers, technology providers, consulting, sales, client support operations, payment processing, authentication services, professional services (including accountants, lawyers and auditors), and technical support or services;
(j) to third parties in order to fulfil such third party products and/or services as may be requested or directed by you;
(k) if we are defending a legal claim your information may be transferred as required in connection with defending such claim;
(l) to law enforcement agencies, authorities, public agencies and government officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal data is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of any of our terms and conditions, or any other applicable policies; and
(m) other circumstances under which we may disclose your personal data such as:
i. to comply, as necessary, with applicable laws and regulatory requirements;
ii. respond to mandatory legal or governmental requests or demands for information;
iii. meet national security requirements;
iv. enforce our agreements, policies, procedures and/or Terms of Service;
v. protect ourselves, our affiliates, our users, our counterparties or the general public from illegal activities; and
vi. to respond to an emergency that requires disclosure of your personal data.
We will ensure that all companies and/or third parties to whom we disclose your personal data will only process it in accordance with our instructions and on our behalf. We will, where appropriate and permissible, enter into contracts with these third parties to protect your personal data in a manner that is consistent with all applicable laws. All such companies and third parties will be required by us to meet the requirements of applicable data protection legislation and our strict privacy and retention policies to keep your personal data secure at all times.
(a) from the jurisdiction where it is collected (or where you are located) to any other jurisdictions that we operate in; and
(b) to third parties in other jurisdictions.
When we transfer your personal data internationally and where required by applicable law, we will put in place appropriate safeguards. You may obtain details of these safeguards by contacting us.
Depending on the jurisdiction that you are in or where we operate, you may enjoy certain rights under applicable law in relation to our collection, use, disclosure and processing of your personal data. Such rights may include:
(a) Access: you may ask us if we hold your personal data and, if we are, you can request access to your personal data free of charge. This enables you to receive a copy of and information on the personal data we hold about you;
(b) Correction: you may request for the rectification or correction of your personal data that is incomplete or inaccurate;
(c) Restriction: you may withdraw consent for our use or process of your personal data, or ask us to suspend the process of your personal data (e.g. if you want us to establish its accuracy);
(d) Objection: where we are processing your personal data based on a legitimate interest (or those of a third party), you may object to processing on this ground;
(e) Portability: you may request for the transfer of your personal data to another party under certain circumstances; and
(f) Erasure: you may request the erasure, deletion or removal of your personal data that we hold about you in certain circumstances.
If you wish to exercise any of your rights, you may contact us at [email protected]. We may require that you submit certain forms or provide certain information to process your request. Where permitted by law, we may also charge you a fee to process your request.
We may be permitted under applicable laws to refuse a request, for example, we may refuse (a) a request for erasure where the personal data is required for in connection with claims; or (b) an objection request and continue processing your personal data based on compelling legitimate grounds for the processing.