PRIVACY NOTICE

1. Introduction

1.1 At GLOS Pte. Ltd. ("GLOS", "us", "we" or "our"), your privacy is important to us and we are committed to managing personal data in accordance with our obligations under the Personal Data Protection Act 2012 ("PDPA"). This Personal Data Protection Notice ("Notice") explains how and why we collect, use, disclose and transfer your personal data. In our interactions with you, GLOS may operate under the brand name "VIO".

1.2 This Notice should be read together with any other consents which you may have provided to us, or agreements which you may have signed with us. This Notice is not intended to supersede or replace these other consents and agreements.

1.3 We may from time to time update this Notice to ensure that it is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. If any material revision is made to this Notice, updates will be published at www.vio.com.sg/privacy-notice and/or be notified to you via email. Subject to your rights at law, the prevailing terms of the Notice shall apply.

2. Your Personal Data

2.1 In this Notice, "Personal Data" refers to any data, whether true or not, about an individual who can be identified from that data, or from any data and other information which we have or to which we are likely to have access.

2.2 Examples of Personal Data which we may collect, use and disclose include:

(a) your name, telephone number(s), mailing address, email address and any other contact information relating to you which you may have provided to us;

(b) information on your interaction with and use of our website and online services, including information collected through cookies and similar technologies, such as your IP address; and

(c) your transaction-related information, including your purchase history and payment information.

3. Collection of Personal Data

3.1 Generally, we may collect your Personal Data in the following ways:

(a) when you access our website, register for an account with us and/or use our online services;

(b) when you interact with our employees and/or service providers, including customer support staff and installation service personnel or service providers;

(c) when you purchase our products and/or use our services;

(d) when you participate in our events and/or promotions; and

(e) when you request that we contact you for other reason.

4. Purposes for the Collection, Use and Disclosure of Your Personal Data

4.1 Generally, we may collect, use and/or disclose your Personal Data for the following purposes:

(a) to communicate with you in order to facilitate customer service requests, respond to your feedback and/or queries, and/or resolve complaints;

(b) to monitor or record phone calls and other customer-facing interactions for quality assurance, employee training, performance evaluation and/or identity verification purposes;

(c) to communicate with you to inform you of changes and/or updates to our policies, terms and conditions and/or other administrative information;

(d) to manage, operate, provide and/or administer your use of and/or access to our services and our website platform (including, remembering your preferences), as well as your relationship and user account with us;

(e) to verify your identity for the purpose of providing you with our products and services;

(f) to process, deal with and complete a transaction and/or to fulfil your requests for our products and services;

(g) to manage our infrastructure and business operations and/or comply with internal policies and procedures;

(h) to prevent, detect and investigate crime, and analyse and manage any commercial risks;

(i) to archive, store and back-up documents and records in both electronic and physical form for purposes including record keeping and disaster recovery;

(j) to audit our services and business, and to conduct financial reporting and analysis relating to our business operations;

(k) to deal with and/or facilitate a business asset transaction or a potential business asset transaction;

(l) to seek legal services, enforce our terms and conditions and/or any other contractual and legal rights;

(m) to comply with any applicable statute, rule, law, regulation, judgement, decree, guideline or other legal or administrative requirement;

(n) managing the safety and security of our premises and services, including through the use of CCTVs;

(o) to carry out market research or for statistical purposes, in order for us to review, develop and improve the products and services which we provide; and

(p) any purposes reasonably related to any of the above purposes.

5. Additional / Optional Purposes

5.1 Where you have specifically provided us with additional consents, we may also collect, use and/or disclose your Personal Data to send you further information on our products, services, events and activities to which you have expressed interest.

6. Provision of Personal Data Relating to Other Persons

6.1 If you provide us with any Personal Data relating to a third party, by submitting such information to us, you represent and warrant to us that all the necessary consents (procured in accordance with all applicable data protection legislation, including without limitation the PDPA, for such purposes stated in the relevant sections of this Notice) have been obtained from the relevant individuals.

7. Disclosure of Personal Data to Third Parties

7.1 Your Personal Data will be protected and kept confidential. We will not disclose Personal Data other than for the purposes for which you have consented, or where disclosure is required by law.

7.2 Subject to any applicable law, we may disclose your Personal Data for the purposes listed above (where applicable) to the following organisations, whether they are located overseas or in Singapore:

(a) subsidiaries of GLOS Pte. Ltd., including their employees, agents and/or representatives;

(b) agents, contractors or third-party service providers whom we engage to provide delivery, installation and/or related services to you;

(c) agents, contractors or third-party service providers who provide administrative, telecommunications, computer, payment, mailing, information technology, payroll, data processing, training, market research, storage or other services to us in connection with the operation of our business;

(d) any organisation to whom disclosure of Personal Data is necessary in order for us to validly effect, manage, administer and/or enforce any services requested or authorised by you;

(e) any organisation to whom we are under an obligation or otherwise required to make disclosure under the requirements of any applicable law, guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities; and/or

(f) any other organisation to whom you authorise us to disclose your Personal Data.

7.3 In the event that we disclose your Personal Data to third parties and/or transfer your Personal Data outside of Singapore, we shall take all reasonable steps to ensure that it is provided with a comparable standard of protection, whether contractually or otherwise.

8. Use of Cookies

8.1 A cookie is a small text file that is placed on your computer when you visit certain websites. The purposes for which we use cookies include, but are not limited to, monitoring the performance of our website, assessing the popularity of different sections of the site and facilitating the use of online web forms. We may link cookie information to Personal Data. Cookies also link to information regarding what items you have selected for purchase and pages you have viewed. This information is used to keep track of your shopping cart, for example. Cookies are also used to deliver content specific to your interests.

8.2 If you do not want to receive cookies from our website, you have the option of setting your browser to notify you when you receive cookies, so that you may determine whether to accept it or not. However, please be aware that if you do turn off cookies in your browser, you may not be able to fully utilise some portions of our website.

9. Withdrawal of Consent

9.1 Where you have provided consent or your consent has been deemed, you may withdraw your consent for the collection, use and/or disclosure of your Personal Data in our possession and/or under our control by submitting a request via email to our Data Protection Officer.

9.2 We will process your request within a reasonable time of such notification being made, but in any case no later than 10 days from the date of receiving your notification. Please be aware that where you withdraw your consent for our processing of your Personal Data, this may prevent us from providing or continuing to provide you with our products and/or services.

10. Access to Personal Data

10.1 You may request access to your Personal Data currently within our possession and/or control. This should be done by submitting to a request to our Data Protection Officer by email. As our obligations under the PDPA require us to ensure that your Personal Data is protected, we will request information from you to verify your identity before disclosing any information to you. Following your request, our Data Protection Officer might also contact you in order to seek clarification on the specific information which you require.

10.2 We will respond to any request within a reasonable time of such a request being made, but in any case no later than 30 days from the date of the request. Please note that there may be circumstances where, by law, we will not be required or able to accede to your request. Subject to any applicable law, we will inform you of our reasons if we are not able to accede to your request.

10.3 Please note that we may charge a reasonable fee for the handling and processing of your request. You will be informed of any fee before your request is processed.

11. Correction of Personal Data

11.1 We will endeavour to ensure that your Personal Data is sufficiently accurate and complete. However, we are reliant on you to provide us with accurate and complete Personal Data and with updates if there are any changes to your Personal Data. We will not be responsible for relying on and/or using any inaccurate or incomplete Personal Data where you have provided us with such Personal Data and/or have failed to update us of any changes in your Personal Data.

11.2 You may request that corrections be made to your Personal Data in our possession. This should be done by submitting a request to our Data Protection Officer by email. Following your request, our Data Protection Officer might also contact you in order to seek clarification on the specific information which you would like us to correct.

11.3 We will respond to any request within a reasonable time of such a request being made, but in any case no later than 30 days from the date of the request. There may be circumstances where, by law, we will not be required or able to accede to your request. Where this is the case, we will notify you of this within a reasonable time.

12. Protection and Retention of Personal Data

12.1 We will take reasonable efforts to protect Personal Data in our possession or our control by making reasonable physical, technical, administrative and procedural security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks.

12.2 We will take all reasonable steps to ensure that the Personal Data disclosed to all third parties is provided with a comparable standard of protection, whether contractually or otherwise. However, we do not assume responsibility for any unauthorised use of your Personal Data by third parties that are attributable to factors beyond our control.

12.3 We will put in place measures to ensure that your Personal Data in our possession and/or under our control is destroyed and/or anonymised as soon as it is reasonable to assume that the purpose for which the Personal Data was collected is no longer being served by the retention of such Personal Data, and retention is no longer necessary for any other legal, business or administrative purposes.

13. Contacting Us

13.1 If you have any questions or complaints relating to the use or disclosure of your Personal Data, or if you wish to know more about our data protection policies and practices, please contact our Data Protection Officer via email at dpo@vio.com.sg.