Privacy Policy

Last Modified: September 9, 2024

BISONAI PTE. LTD. (the "Company", “we” or “us”) considers the data provided by the users who have access to the Services (“Users “or “you”) of utmost importance. This Privacy Policy applies to the DataMaxiPlus (the “Services”) provided through our website https://datamaxiplus.com/(the “Website”). Our Privacy Policy can be found on the Website where we provide information on how and for what purposes data provided by the Users is used and what measures are taken for the protection of privacy.

Please note that we may update this Privacy Policy periodically. By engaging with our Website or utilizing our Services, you are acknowledging your acceptance of the terms outlined in this Privacy Policy.

Article 1 (Purpose of Personal Data Management) 

Upon User’s consent to the use of the Services, the Company collects and processes Personal Data for purposes outlined below. Personal Data being processed will not be used for any purpose other than those specified, and in the event of any change in such purposes, the Company will take necessary measures, such as obtaining separate consent from the Users, etc., as required by applicable laws and regulations.

1. Provision of Services

Your Personal Data is processed for the purpose of providing Services and allowing your access to the Websites, settlement for payments for your use of Services, and for any purposes necessary or appropriate for our provision of Services.

2. Membership Registration and Management 

Your Personal Data is processed for the purpose of confirming your intention to become a member, identifying and verifying identity (including 2FA Authentication) for the provision of membership services, maintaining and managing membership qualifications, preventing illegal use of services, and handling various notices, notifications and grievances, etc.

3. Improvement of Services

Any data we collect in accordance with this Privacy Policy, such as transaction logs and cookie data, can be used for analysis and service improvement/development.

4. Use for Marketing and Advertising

Your Personal Data may be processed for purposes including the development of new services (products), providing event and advertising information and participation opportunities, offering services based on demographic characteristics, and publishing advertisements.

5. Complaint Management / Compliance

Your Personal Data is processed for the purpose of verifying the identity of the complainant and his/her complaint, contacting and notifying for fact-finding, and notifying the result of the complaint, etc. The Company may also use your personal data to prevent illegal activities, including your violation of the Terms of Service available at DataMaxi+'s terms of use, or to comply with applicable laws and regulations.

Article 2 (Management and Retention Period of Personal Data)

1. The Company processes and retains Personal Data within the period of retention and use as provided for in applicable law, or such period as consented by the Users at the time of collecting the Personal Data.
2. Unless otherwise specified in this Privacy Policy, the period of Personal Data retention is as follows, respectively:

1. Provision of Services: Until withdrawal of membership from the website

Provided, that, for the following cases, until the end of each respective period:

1. In connection with the provision of the Services, including retaining records regarding the withdrawal from membership, cancellation of contracts, payment of fees, supply of Services or products, etc.: Until five (5) years from the date of collection
2. In the case of an ongoing investigation or inquiry regarding a violation of applicable law: Until completion of such investigation or inquiry
3. In the case of any remaining receivables/payables regarding the use of the Website: Until the settlement of such receivables/payables

2. Membership Registration and Management: Until withdrawal of membership from the Website or withdrawal of consent, whichever is earlier.
3. Improvement of Services: Until withdrawal of membership from the Website or withdrawal of consent, whichever is earlier.
4. Use for marketing and advertising: Until withdrawal of membership from the Website or withdrawal of consent, whichever is earlier.
5. Complaint Management and Compliance: Until withdrawal of membership from the Website or completion of the complaint settlement procedures, whichever is earlier.
6. The Company may retain your Personal Data for a longer or shorter period than specified in this Privacy Policy, as required by applicable laws.
7. The Company will cease to retain your Personal Data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the Personal Data was collected, and is no longer necessary for legal or business purposes.

Article 3 (Items of Personal Data to be Processed)

The Company collects and processes the following Personal Data for the respective purposes:

1. Provision of Services

• Mandatory Data:  Name, Profile picture, E-mail address, User nickname, Wallet address, Log data regarding your access and use of the Website, IP address, Device ID, geographical location,
• Optional Data: Purchase history; Cookie data; Behavioral information; and Credit Card Number

2. Membership Registration and Management:

• Mandatory Data: Name, Mobile number, Profile Picture, Email address, User nickname

3. Improvement of Services:

• Mandatory Data: Log data regarding your access and use of the Website, IP address, Device ID
• Optional Data: Cookie data, Behavioral information

4. Use for Marketing and Advertising

• Mandatory Data: Name, E-mail address, User nickname, Purchase History; Cookie data; Behavioral information

5. Complaint Management and Compliance

• Mandatory Data: Profile picture, E-mail address, User nickname

Article 4 (Provision of Personal Data to Third Parties)

1. Upon your consent, the Company may transfer your Personal Data to third parties for the purposes prescribed under this Privacy Policy. In the event the Company transfers your Personal Data to the third party, we will ensure that such transfer is permitted and made in accordance with the applicable laws and regulations, including Personal Data Protection Act 2012 of Singapore (“PDPA”), and ascertain that your Personal Data receives a protection comparable to the PDPA in Singapore.
2. The Company provides Personal Data to third parties as follows:

3. Users may refuse to consent to the provision of Personal Data to third parties, in which case your access to and use of Services may be restricted and/or limited.
4. For any changes in the third party receiving your Personal Data, the Company will promptly update this Privacy Policy to reflect such changes.

Article 5 (Provision of Personal Data to Data Processor)

1. For the effective management of Personal Data, the Company may outsource the management of Personal Data as follows:

2. When entering into outsourcing agreements, the Company sets forth obligations of the parties including (a) prohibition on the use of Personal Data for any purpose other than the outsourced work, (b) technical and administrative measures to protect Personal Data, (c) restrictions on subcontracting, (d) management and supervision of the data controller, (e) liability provisions, etc., to ensure that that your Personal Data receives a protection comparable to the PDPA in Singapore.
3. Users may refuse to consent to the process of Personal Data by a data processor, in which case your access to and use of Services may be restricted and/or limited.
4. For any changes in the data processor, the Company will promptly update this Privacy Policy to reflect such changes.

Article 6 (Cross-Border Transfer of Personal Data)

1. Upon your consent, your Personal Data may be transferred across the border of the country where it was collected for the purposes outlined in this Privacy Policy. In the event the Company transfers your Personal Data abroad, we will ensure that such transfer is permitted and made in accordance with the applicable laws and regulations, including PDPA, and ascertain that your Personal Data receives a protection comparable to the PDPA in Singapore.
2. The Company may transfer your Personal Data abroad as following:

3. Users may refuse to consent to the transfer of Personal Data abroad, in which case your access to and use of Services may be restricted and/or limited.

Article 7 (Destruction of Personal Data)

1. The Company promptly destroys Personal Data that is no longer needed, including when the retention period has expired or the purpose of collecting Personal Data has been achieved.
2. The Company destroys Personal Data in accordance with the following procedures and methods:

1. Destruction procedures

The Company selects Personal Data that needs to be destroyed and destroys such information after obtaining the approval of the Company’s Data Protection Officer.

2. Destruction method

Personal Data recorded or stored in the form of electronic files is destroyed, in a manner that makes it irrecoverable, whereas Personal Data recorded or stored on paper documents are shredded or burned; Provided, however, if permanent destruction of certain Personal Data is significantly difficult for technical reasons, such Personal Data will be processed in such a way that the data subject is no longer identifiable using other information, and restoration of such Personal Data to a level where the data subject can be identified is impossible, in consideration of time, cost, and technology, etc.

Article 8 (Rights, Obligations and Means of Exercise Thereof by Users and Their Legal Representatives)

1. Users understand and acknowledge that they may refuse to consent to the transfer of Personal Data abroad, in which case Users’ access to and use of Services may be restricted and/or limited.
2. Users may exercise their rights against the Company at any given time to demand inspection, correction, deletion, suspension, etc., of their Personal Data.
3. Rights under Paragraph 1 may be exercised by written or electronic notice or fax, etc., to the Company and the Company will take measures without delay.
4. Users may exercise their rights under Paragraph 1 through their legal representative or any other agent delegated by them, subject to the submission of a legitimate power of attorney.
5. A data subject’s right to request inspection, or suspension of management, of his or her Personal Data may be restricted in accordance with applicable laws and regulations.
6. In the case of correction or deletion of Personal Data, the Company will make correction or delete the Personal Data without any delay unless limited by other statutes.
7. When the Company receives a request for inspection, correction or deletion, or suspension of management of Personal Data by a data subject, the Company will verify whether the person making such request is the data subject or his/her lawful representative.

Article 9 (Measures to Ensure Safety in Personal Data Protection)

The Company applies the following measures to ensure the safety of Personal Data protection:

1. Administrative measures: Establishment and implementation of internal management plans, education of employees on a regular basis, etc.
2. Technical measures: Restriction of access rights to the Personal Data management system, installation of access control system, encryption of identification information, etc., and installation of security programs
3. Physical measures: Segregation of the IT center and data storage center (the “Physical Center”) from the business operating venues, and restriction of access to authorized personnel only.

Article 10 (Installation/Operation of Automated Personal Data Collection Device and Refusal Thereof)

1. In order to provide individualized and customized services to the Users, the Company uses ‘cookies’ which store and frequently collect information in connection with the Users’ access and utilization of the Website.
2. A cookie is a small piece of information which the server (HTTP) used for the operation of a website sends to the user’s computer browser, and may be stored on the user’s computer hard disc or mobile.
3. Users can adjust settings to accept or block cookies through their web browser/mobile browser options; however, refusing to save cookies may result in difficulties using customized services.

1. Installation/Removal of Cookies on Web Browser:

• Chrome: Web Browser Setting > Privacy and Security > Clearing Data
• Edge: Web Browser Setting > Cookie and Site Permissions > Manage and Delete Cookies and Site Data > Block

2. Installation/Removal of Cookies on Mobile Browser:

• Chrome: Web Browser Setting > Privacy and Security > Clearing Data
• Safari: Web Browser Setting > Privacy > Manage Website Data > Remove or Remove All
• Samsung Internet: Mobile Browser Setting > Internet History > Remove or Remove All

Article 11 (Collection/Use of Behavioral Information and Refusal Thereof)

1. Behavioral information may be automatically collected during your use of the Services to provide users with optimal customized services, benefits, and personalized online advertisements. Behavioral information includes data accumulated from a user's interaction with the Services, such as cookie data, browsing history, log data, device information, API history and User preferences.
2. The Company collects behavioral information:

3. The Company collects minimum behavioral information needed for providing customized online advertisements, etc., and does not collect sensitive behavioral information, such as the data subject’s ideology, beliefs, family ties, educational background, medical history, and other experiences of social activities, that may potentially infringe a person’s rights, interests or privacy.
4. The Company may provide behavioral information to third-party entities as follows:

5. You may block/allow customized online advertisements entirely by changing cookie settings on their web browsers; Provided, however, that changing cookie settings may impact their use of certain services, such as automatic login onto the Website, etc.

1. Chrome

• Setting > Privacy and Security > Clearing Data
• Setting > Privacy and Security > Third-Party Cookies > Block All Third-Party Cookies

2. Edge

• Setting > Cookies and Site Permissions > Manage and Delete Cookies and Site Data > Block Third-Party Cookies

3. Users may contact the department responsible for Personal Data under Article 13 to inquire about any questions they may have regarding behavioral information, exercise of their rights to refuse, or filing reports of privacy infringement.

Article 12 (Management of Pseudonymized Information)

1. The Company processes Personal Data collected for statistical purposes, scientific research and preservation of records for public purposes, in such a way that makes identification of a specific individual impossible by pseudonymization as follows:

2. The Company separately stores and manages pseudonymized information to prevent re-identification, and employs technical and administrative measures to secure safety in personal data protection.

Article 13 (Data Protection Officer)

1. The Company designates a Data Protection Officer to be responsible for overall Personal Data management and handle complaints and relief, etc., of Users regarding Personal Data management as follows:

• Data Protection Officer /Dept. of Persona Data Protection

       Name: Bryan Kim

       Position: CEO

       Email: info@datamaxiplus.com

2. Users may contact the Data Protection Officer and the department responsible for the protection of Personal Data regarding any inquiry on Personal Data protection, complaints, relief, etc., that may arise in the course of using the Company’s Services (or businesses) or Website. The Company will promptly respond to and handle any such inquiries raised by Users.

Article 14 (Request for Access to Personal Data)

Users may request the Data Protection Officer to permit access to their Personal Data. The Company will endeavor to ensure that such request by Users to access their Personal Data is promptly handled.

Article 15 (Disclaimer)

1. The Company relies on data provided by you (or your authorized representative). The Company accepts no responsibility or liability for any loss arising from the content or accuracy of the personal data provided to us by you (or your authorized representative). We take all possible steps to help protect your personal data from loss, misuse, unauthorized access, disclosure, alteration or destruction. While we do implement appropriate safeguards, no security system is impenetrable, and due to the inherent nature of the internet, we cannot guarantee that your Personal Data is absolutely safe from third party interference, either during transmission or during the time it is stored on our systems.
2. The Company strongly advises you to manage and change your password regularly and avoid using the same password for different websites. It's important to note that this Privacy Policy does not apply to, nor can we protect, any information you transmit to other users. Therefore, you should refrain from transmitting personal data or identifying information to other users.

Article 16 (Governing Law and Dispute Resolution)

This Privacy Policy shall be prescribed, implemented and construed in accordance with the laws of the Republic of Singapore. Any dispute related to this Privacy Policy shall be referred to and resolved by the Singapore International Arbitration Centre (“SIAC”) in accordance with the rules of SIAC for the time being in force (“SIAC Rules”). The arbitration tribunal shall consist of one (1) arbitrator, which shall be nominated in accordance with SIAC Rules. The seat of arbitration shall be in Singapore and the language of the arbitration shall be English.

Article 17 (Change of Privacy Policy)

1. We reserve the right to change this Privacy Notice at any time. We will notify you of the changes on the Services’ Website screen provided upon login from seven (7) days prior to the enforcement date of the amended Privacy Policy by providing both the existing and amended Privacy Policy and clearly stating the enforcement date and reasons for amendment; provided, however, in the case where these Privacy Policy are amended in such a way that may be disadvantageous to you, we will make a notice on the Services’ Website screen provided upon login from thirty (30) days prior to the enforcement date and clearly notify them individually by electronic means such as a consent pop-up appearing on the login screen.
2. In the event you fail to provide objections to such changes despite the Company having notified the amendment in accordance with the preceding paragraph or the Company having made a clear notice to you that ‘Users shall be deemed to have consented if they do not express any objection from the date of announcement/notice to the enforcement date’ and you have failed to express objection, you shall be deemed to have consented to the amended Privacy Policy.

Article 18 (Miscellaneous)

1. The Company does not provide Services or allow access to the Website to minors under 14 years old. Therefore, the Company does not process any Personal Data of a minor under 14 years old.
2. This Privacy Policy is made in English. This Privacy Policy may be translated into different languages only for your convenience. In case of any discrepancies between the English version and other languages made available, the English version shall prevail.

Addendum

This Privacy Policy shall be effective as of September 9, 2024.