WEBROOT

Privacy Policy

Data Protection and Privacy Policy

ST ASU PTE. LTD. (the “Company”, “we”, “our” or “us”) realizes the importance of protecting your personal data.

This document contains the personal data protection and privacy policy adopted by the Company to manage your personal data in accordance with the Personal Data Protection 2012 (as may be in force, amended or re-enacted from time to time) and/or other relevant laws and regulations as well as guidelines applicable in Singapore (collectively, the “Act” or “PDPA”). Please take a moment to read this policy to understand the purposes for which we collect, use and/or disclose your personal data. The term “personal data” we use herein has the same meaning as defined in the PDPA.

1. Concerning the observance of laws and standards

1.1 The Company respects the privacy of individuals and recognizes the need to treat personal data in an appropriate and lawful manner, and is committed to comply with its obligations in this regard, in respect of all personal data it handles.

1.2 The Company may change some parts or all of the contents of this policy from time to time to ensure that this policy is in line with the legal and regulatory requirements, as well as the regulations and constitutive documents of the Company. Hence, we advise you to check regularly for updated information on the handling of your personal data.

1.3 If you consider that this policy does not follow the PDPA in respect to the personal data about you or others, you should raise the matter with our Data Protection Officer as soon as possible.

2. Concerning the collection, use and/or disclosure of personal data

2.1 In general, we collect your personal data in several ways, including but not limited to the following:

2.1.1. When you contact us for our services and/or goods, or enquiries regarding the same, via your selected mode of communication;

2.1.2. When you request us to contact you for any reason;

2.1.3. When you submit personal data to us in order to purchase or receive our services and/or products

2.1.4. When you submit your personal data to us for recruitment and/or employment purposes; and

2.1.5. When we receive your personal data from authorized third parties (including but not limited to our service providers and employment agencies).

2.2 Personal data that is collected by the Company may include some or all of the following personal information:

2.2.1. Name;

2.2.2. Date of birth;

2.2.3. Gender;

2.2.4. Contact information such as email addresses and telephone numbers;

2.2.5. Demographic information such as residential address, postal code, preferences and interests;

2.2.6. Financial information such as bank account information and credit card numbers (where necessary);

2.2.7. Online identifiers such as social media account information, IP addresses, cookies, device identifiers (device IDs), and location information;

2.2.8. Images and audio data such as photographs, portraits, and voice recordings;

2.2.9. Sensor information (data from wearable devices such as pedometers and heart rate monitors);

2.2.10. Usage history such as purchase history, website browsing history, search history, and app usage history;

2.2.11. Medical information such as medical records, consultation history, prescription history, and health checkup results;

2.2.12. Educational background and work history;

2.2.13. Location information such as GPS data; and

2.2.14. Other information necessary for the purposes set out in clause 2.

The above list is not exhaustive of the categories of personal data the Company may collect. Notwithstanding, the Company will not collect your NRIC/FIN/Passport number unless permitted or required by the Act or any other applicable laws or regulations.

2.3 Generally, the Company collects, uses and/or discloses your personal data for the following purposes:

2.3.1. To send information on products and campaigns by e-mail or post.

2.3.2. To provide our services and to use the information to improve marketing activities (the information may be processed into a form that does not identify individuals and used as statistical data).

2.3.3. In order to display products that match the customer's attributes, etc., the Company's websites use cookies, etc. to collect information on the behaviour history and attributes of customers who visit the Company's websites (information that cannot identify a specific individual on its own, even if it is information about the individual). Specifically, this includes cookies, IP address information, website browsing history and behaviour history, purchase history on websites, device IDs, user agents and referrers).

2.3.4. To fulfil other claims, liabilities and obligations under various contracts and laws and regulations with the Company.

2.3.5. To verify your identity, personal authentication, and other viewing, modifying, and deleting of registration information

2.3.6. To understand your usage status of our company's website and services.

2.3.7. To conclude and perform a contract, including provision of services/products, the management of a contract, and the after-sales service of provided products/services

2.3.8. To improve and utilizing the website and services provided by our company.

2.3.9. To maintain the systems of the website and services provided by our company, and for responding to malfunctions.

2.3.10. To contact necessary for providing services/products (including the case of requesting delivery agencies to deliver products, etc.)

2.3.11. To discover, notify, and otherwise respond to customers who violate the terms of use of the website and services provided by our company.

2.3.12. To investigate, detect, prevent, and otherwise respond to fraud, unauthorized access, and other illegal activities related to the misuse of the website and services provided by our company.

2.3.13. To provide information on services/products and other information related to our business activities; (including distribution of e-mail magazines, etc.)

2.3.14. To consider and develop the services/products

2.3.15. To bill and collect fees for services/products and to protect receivables (including the case of requesting a credit company for a credit card payment, etc.)

2.3.16. To conduct market research, and other researches or surveys

2.3.17. To conduct business analysis

2.3.18. To conduct sales promotion and other similar activities

2.3.19. To conclude and perform contracts with business partners, and the management of the contracts

2.3.20. To conduct for CSR (corporate social responsibility)-related activities

2.3.21. To receive, respond to, record and otherwise deal with your inquiries and requests

2.3.22. To ensure security of our customers and employees

2.3.23. To consider and develop of software, systems, equipment, devices, etc.

2.3.24. To ensure security;

2.3.25. To operate and maintain facilities, equipment and devices and the manage the usage thereof; and

2.3.26. other purposes reasonably related to the foregoing uses.

2.4 Generally, the Company collects, uses and/or discloses your personal data from or about our employees, applicants, and retirees, and their families, and the like for the following purposes:

2.4.1. for recruitment activities and providing information related to recruitment

2.4.2. for employee management (including loans and transfers)

2.4.3. for payment of salaries, etc.

2.4.4. for benefit programs, etc.

2.4.5. for health management, etc.

2.4.6. for post-retirement procedures

2.4.7. for the procedures and contacts, etc. necessary for legal requirements; and/or

2.4.8. for the procedures and contacts, etc. necessary for business operations.

2.5 Your personal data will be retained by the Company for as long as necessary according to our internal policy for the fulfilment of the purposes stated in this clause 2 or is required to satisfy any legal or business purposes.

2.6 The Company will take reasonable steps to protect your personal data against unauthorized collection, use and/or disclosure. Subject to the provisions of any applicable law or regulations, your personal data may be collected, used and/or disclosed for any purposes listed in this clause 2 (where applicable), to the following:

2.6.1. the Company’s staff;

2.6.2. researchers, agents, contractors or third party service providers who provide services to the Company;

2.6.3. our professional advisers such as auditors and lawyers;

2.6.4. relevant government regulators, statutory boards or authorities, or law enforcement agencies to comply with any laws, rules, guidelines, regulations or schemes imposed by any governmental authority; and

2.6.5. any other party to whom you authorise us to disclose your personal data to.

2.7 In addition to clause 2.6, the Company will transfer your personal data to third parties in Japan and the United States, including but not limited to StockTech, Inc., the Company’s parent company (the “Parent Company”), as well as third parties including affiliated companies, for any purposes listed in this policy.

2.8 In order to provide the best service possible, the Company may engage a data intermediary to process and handle personal data on its behalf. In these cases, we will only work with recognized personal data management firms and shall enter into contracts with these data intermediaries to include provisions that clearly set out the data intermediaries’ responsibilities and obligations to ensure compliance with the Act.

3. Concerning the consent for collection, use and/or disclosure of personal data

3.1 By submitting your personal data to the Company, you agree and consent to the collection, use and/or disclosure of your personal data by the Company for a part or all of the purposes set out in clause 2.

3.2 If at any time we decide to collect, use or disclose your personal data in a different manner as to the purposes set out above, we will request your consent to the additional purpose(s) in writing, in which you may refuse to give at your discretion.

3.3 If you provide us with personal data relating to a third party (e.g. information of your spouse, children, parents or relatives), you represent and warrant to us that you have obtained the consent of such third party to provide us with their personal data for the relevant purposes. Where the personal data provided relates to a child or ward, you represent and warrant to us that you are either his/her parent or legal guardian, and that such personal data is legitimate, indeed and accurate.

3.4 You may at any time withdraw any consent given in respect of the collection, use or disclosure of your personal data by giving prior notice in the form of a formal written request addressed to the Data Protection Officer.

3.5 In the event that you withdraw your consent to the Company in relation to the purposes mentioned above, the Company shall cease to collect, use and/or disclose your personal data within ten (10) working days upon receiving your withdrawal request. Please note that once consent is withdrawn, it may not be possible for us to accomplish the purposes as set out in clause 2, and hence, we may be unable to continue providing the requisite services to you.

4. Concerning personal data management and security measures

The Company will take reasonable measures to protect your personal data from unauthorized access or modification, improper collection, use or disclosure, unlawful destruction or accidental loss. You should be aware, however, that no method of transmission over the internet or electronic storage is 100% secure. While security cannot be guaranteed, we strive to protect the security of the personal data and will constantly review and enhance our information security measures. In the event that we have credible grounds to believe that an incident of personal data breach has occurred, we will take reasonable and expeditious steps in accordance with the Act.

5. Concerning access, correction and accuracy of personal data

5.1 You may apply for a copy of your personal data held by the Company, or request for your personal data to be updated or corrected, by sending a formal written request to our Data Protection Officer. Please be informed that we are entitled to charge a fee to recover the costs directly related to the access of the personal data for the time and effort spent by us in responding to the same, and will let you know the amount accordingly.

5.2 Within thirty (30) days upon receiving your request, the Company shall:

5.2.1. provide you with a copy of your personal data under our custody and/or other relevant information in accordance with the Act therein;

5.2.2. correct your personal data as soon as practicable and inform you that the relevant correction has been made; or

5.2.3. inform you that your request for access or correction of your personal data is rejected, if the request was made in circumstances predefined by the Act where such access or correction is prohibited or not required.

5.3 You should ensure that all personal data submitted to us is complete and accurate. Failure to do so may result in our inability to provide you with the information or services you requested.

5.4 The Company shall make a reasonable effort to ensure that the personal data collected by or on behalf of the Company is accurate.

6. Concerning transfer of personal data outside of Singapore

The personal data we collect from you may be transferred to destination(s) outside Singapore as per clause 2 for the fulfilment of any of the purposes stated in clause 2. The Company will ensure that any transfers of your personal data to a territory outside of Singapore will be in accordance with the PDPA so as to ensure a standard of protection to personal data so transferred that is comparable to the protection under the PDPA. In particular, the Company has a Data Protection Agreement with the Parent Company which obliges the Parent Company to protect personal data that the Company transfers to it at a standard of protection comparable to that under the Act.

7. Concerning the establishment and continual improvement of a management system for personal data protection

In order to appropriately manage personal data, the Company shall continually work towards improving the development of our data management system and internal company regulations.

8. Contact information

Should you have a complaint or require more information about how we manage your personal data, please contact our Data Protection Officer at the following contact details :

Email: info@wr.st-asu.com

Implemented from: September 1,2024

Cookie Policy

1. What is a Cookie?

A Cookie is a file created on your device when you visit a website. It contains information sent from the website you visit. By using Cookies, a website can identify your browser when you return to the same website you visited before, which makes it more convenient to use the website by skipping the input of the same information to the website.

2. Why do we use Cookies?

We use Cookies for the following purpose.

2.1 Authentication

We use Cookies to verify your account and keep you logged in, in order to smoothly provide our services. For example, when you are going back and forth between webpages of our online booking/purchasing website, re-authentication is not needed of your account within a certain period of time because of the use of Cookies.

2.2 Keeping session state

We use Cookies to keep the session state when you are visiting our websites. For example, our websites identify your browser by the session ID which is issued by the website and saved in Cookies.

2.3 Restricting actions

We use Cookies to restrict actions when using our website. For example, we use Cookies in a survey page to help prevent duplicated answers.

2.4 Analytics and performance improvement

We use Cookies to analyze how people use our websites in order to improve them. For example, we can find which webpages are most popular by analyzing Page Views, Dwell Time which are collected in Cookies, to improve the providing contents which people are more interested in. Also, we can find the websites or functions which performance needs to be improved by analyzing the response time of each webpage.

2.5 Advertisement

We use Cookies to improve the relevance of advertisement display of products and services. For example, our websites show advertisement of the products and services which you are interested in by analyzing the search history of our website which is saved in Cookies.

3. How we use Cookies?

We use Cookies in our websites and/or in the provision of our services for the purpose of “Keeping session state”, “Analytics and performance improvement”, “Advertisement”, “Restricting actions”, and “Authentication”.

The retention periods of the Cookies we use for each purpose are as below.

1 year for the purpose of “Authentication”
Until browser is closed or 36 minutes for the purpose of “Keeping session state”
90 days for the purpose of “Restricting actions”
2 years at maximum for the purpose of “Analytics and performance improvement”
90 days at maximum for the purpose of “Advertisement”

4. Consent

When you use our website or services, we obtain your consent to use cookies.

- If you continue to browse our website or subscribe to our services, you agree to our Privacy and Cookie Policy and consent to the use of cookies while using our services.

5.How can I disable Cookies?

You can disable the Cookies at any time by changing the settings of Cookies of your browser. How to change the settings is different between each browser. Please refer to the support page of each browser.

Internet Explorer：https://support.microsoft.com
Firefox：https://support.mozilla.org
Chrome：https://support.google.com/chrome/
Safari：https://support.apple.com

Please understand that if you disable all the Cookies, some of the functions of a website may work improperly, services which need authentication may not be provided, and there may be limit of using services on the Internet. Additionally, when sharing and using an information terminal, please note that this decision may affect all users of that information terminal.

6. Revision

This Cookie Policy is subject to change without prior notice if necessary. The revised Cookie Policy will be posted on our website.