PRIVACY POLICY

This Privacy Policy describes how we manage Personal Data in compliance with the Singapore Personal Data Protection Act 2012 (No. 26 of 2012) (“Act”).  We encourage you to read this Privacy Policy to find out about and understand the purposes for which we collect, use and disclose your Personal Data.

This Privacy Policy may be updated from time to time.  Subject to your rights at law, you agree to be bound by the prevailing terms of this Privacy Policy as updated from time to time.  We recommend that you check the latest version of this Privacy Policy periodically.

"Personal Data" refers to data, whether factual or not, about an individual who can be identified from that data, or from that data in combination with other information to which the organisation may have access and includes the meaning otherwise as defined in the Act as amended from time to time.

By signing up for or using any products, services or campaigns offered by Dashing Diva Singapore or submitting information to or otherwise communicating with Dashing Diva Singapore, you agree and consent to Dashing Diva Singapore and our related entities, affiliates and subsidiaries (individually and collectively, "Companies"), as well as their respective representatives and/or agents (collectively referred to herein as "Dashing Diva", "us", "we" or "our") collecting, using and disclosing your Personal Data in accordance with this Privacy Policy. “You” or “your” means any individual to whom the Act applies and includes an individual actual or prospective customer but excludes any corporate entity (including corporate customers) and any other entity that is excluded under the Act.

This Privacy Policy does not supersede or replace any other consents you may have previously or separately provided to us in respect of your Personal Data, and your consent to this Privacy Policy is in addition to any other rights which any of the Companies may have at law to collect, use or disclose your Personal Data.

This Privacy Policy and your use of this website shall be governed in all respects by the laws of Singapore.


----

SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?

1. When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address to fulfil your order.

2. When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

3. Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.

4. Others purposes may include:
a) to respond to your enquiries, other customer-care matters or otherwise communicate with you.

b) to carry out marketing promotions and campaigns, contests and lucky draws and personalising your experience at our website.

c) to comply with legal and regulatory requirements.

d) to enforce our legal rights and obligations.

e) for other purposes for which we have obtained your consent; and
f)  for any other purposes reasonably necessary, ancillary or related to the above specified purposes.

5. If you have provided us with your Singapore telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your Singapore telephone number(s), then from time to time, we may contact you using such Singapore telephone number(s) (including via voice calls, text, fax or other means) with information about our products and services.


SECTION 2 - COLLECTION & CONSENT

How do you collect my data and consent?

1. Personal Data may be collected from you in one or more of the following ways:
a) when you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase. We imply that you consent to our collecting it and using it for these specific reasons only.

b) when you post a review or interact with our customer service via email or telephone.

c) when we ask for your personal information for a secondary reason, like marketing. We will either ask you directly for your expressed consent, or provide you with an opportunity to say no.

d) when you request that we contact you, be included in an email or other mailing lists.

e) when you respond to our promotions, campaigns or other initiatives or attend our events.

f) when you visit our website.

g) when you participate in any contest, survey or promotion conducted by us and/or our partners.

h) when we receive information about you from third-party social networking services when you choose to connect with those services.

i) when you submit your Personal Data to us for any other reasons or collected by us by lawful means.

2. Unless permitted by applicable laws, we will not collect Personal Data without your consent.

3. You warrant and represent to us that (a) Personal Data which you disclose to us is accurate and complete; and (b) where you volunteer Personal Data of another person to us, that you are authorized by such other person to disclose such Personal Data to us, and that such Personal Data is accurate and complete.

4. You shall consult your parent or guardian before giving us your Personal Data if you are under the age of eighteen (18).

How do I withdraw my consent?

1. If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at shop@dashingdiva.com.sg.

2. You may also withdraw your consent for specific forms of communication and on specific communications via the unsubscribe options as stated in our email or other marketing messages.

3. By withdrawing your consent, you acknowledge that we may not be able to provide or continue providing certain goods, privileges and/or services to you and that we may cease such provision accordingly without any liability. Please note that it may take up to 30 working days for any request for consent withdrawal to be reflected.

4. We will, at your request, endeavour to provide you with an account of your Personal Data in our possession or control within a reasonable time. Such account shall be in respect of how your Personal Data has been or may have been generally used or disclosed within the year before the date of your request. We reserve the right to charge a reasonable administrative fee for carrying out your request.


SECTION 3 - ACCURACY & CORRECTION

1. We will endeavour to ensure that your Personal Data we use is sufficiently accurate and complete in making any decision that impacts you.
2. To help us maintain the accuracy of your Personal Data, we encourage you to inform us when there are any changes to your Personal Data which you have provided us by writing to the Office of our Data Protection Officer. We will correct or complete your Personal Data as soon as reasonably practicable.


SECTION 4 - PROTECTION, POLICIES AND PROCEDURES

We will endeavour to protect your Personal Data in our possession or control against risks of unauthorised access, collection, use, disclosure, copying, modification, disposal or destruction, through reasonable and appropriate security measures. Notwithstanding our security measures for protecting your Personal Data, you acknowledge that no data transmission over the Internet is completely secure and by providing your Personal Data, you are transmitting information at your own risk.


SECTION 5 - DISCLOSURE

We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.


SECTION 6 - SHOPIFY

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

1. Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

2. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

3. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.


SECTION 7 - THIRD-PARTY LINKS AND SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you choose to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

As an example, if you are located in Singapore and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service. You should exercise caution, and review the privacy statements applicable to the third-party websites and services you use. To the fullest extent permitted under laws, we cannot be responsible for a third party's acts, omissions, data policies or their use of cookies nor the content or security of any third party websites, even if linked to our website. Any such liability is expressly disclaimed and excluded.


SECTION 8 - SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Notwithstanding our security measures for protecting your Personal Data, you acknowledge that no data transmission over the Internet is completely secure and by providing your Personal Data, you are transmitting information at your own risk.


COOKIES

1. We gather Information on our website activity, such as data on the number of visitors, the pages they visit, the duration of their stay, etc. Such information is collected on an aggregate, anonymous basis, which means no Personal Data is associated with this data and gathered through the use of web server logs and cookies. We do not at our website automatically collect Personal Data unless you provide such information or login with your account credentials.

2. Cookies are small bits of data automatically stored on the hard drive of the end user and are commonly used to track preferences in relation to the subject of such website. If you enable these cookies, then your web browser adds the text in a small file. You may wish to set your web browser to notify you of a cookie placement request or refuse to accept cookies by modifying relevant internet options or browsing preferences of your computer system, but to do so you may not be able to utilize or activate certain available functions on our website.

3. By accessing and using our website and services, you consent to the storage of cookies, other local storage technologies, beacons and other information on your devices. You also consent to the access of such cookies, local storage technologies, beacons and information by us or our representatives or agents.

Here is a list of cookies that we use. We’ve listed them here so you can choose if you want to opt-out of cookies or not.

_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).

_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits

_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.

cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.

_secure_session_id, unique token, sessional

storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.


SECTION 9 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.


QUESTIONS AND CONTACT INFORMATION

If you would like to enquire, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, contact our Data Compliance Officer at shop@dashingdiva.com.sg.

----

For more information about the Singapore Personal Data Protection Act, please visit http://www.pdpc.gov.sg.
© Dashing Diva Singapore 2018. All rights reserved.

Last updated: Friday, 2 March 2018