a. LOA FOUNDATION PTE. LTD. ("LOA") seeks to comply with the applicable laws and regulations relating to personal data, including but not limited to the Personal Data Protection Act 2012 (Act No. 26 of 2012) of Singapore (collectively, the "Data Protection Legislation").
a. Personal data which LOA may collect include, without limitation, a User's name, address, nationality, email address, phone number, gender, birth date, ID card, online identifier (such as username), device unique identity, operating system or version, hardware information, cookie, browser information, date and time spent on the Services, history log and financial information (such as credit card numbers, bank account information and digital or crypto wallet address).
b. LOA does not collect sensitive personal data (race, thoughts and beliefs, political beliefs, criminal records or medical records) which collection may constitute a violation of the fundamental human rights of the User.
c. LOA collects personal data in a number of different ways. For example:
i. where a User signs up for a membership on the Website, LOA will collect such User's e-mail address and password;
ii. as part of the know-your-customer ("KYC") process by LOA, LOA may collect a User's name, nationality, contact details, country of residence, date of birth, sex, photo, identity documents (such as national identification card, driver's license, passport, etc.) and wallet address. Where required by the applicable law, LOA will redact or delete personally identifiable numbers such as the national identification number, the driver’s license number and the passport number;
iii. during a User's interaction with the Website or use of any of the Services, LOA may collect technical information relating to such User's device and browser, such as: (1) device make and model, and Internet Protocol address; (2) operating system version, browser type and browser language; and (3) browsing actions and patterns etc.; and
iv. when a User contacts LOA (such as to report a problem with the Website or to provide feedback), LOA may keep a copy of the correspondence and any further information provided by such User.
a. In relation to any User, LOA may collect personal data either:
i. when such User (or its authorized representative) voluntarily provides such personal data to LOA, for example, when completing the KYC process or when subscribing for the use of, or in the course of using, the Services; or
ii. automatically, during such User's interaction with the Website and use of the Services.
b. Where a User voluntarily provides any personal data or information, such User represents and warrants that:
i. such personal data or information is accurate and complete; and
i. when such User (or its duly authorized representative) voluntarily provides the personal data;
ii. when such User (or its duly authorized representative) is aware of the purpose for which the personal data is provided;
iii. it is reasonable for such User (or its duly authorized representative) to have provided the personal data to LOA in the circumstances; or
iv. any other circumstances where the Data Protection Legislation provides for the deemed consent of such User.
a. LOA may collect and use personal data for any of the purposes as set forth below:
i. for LOA to perform its obligations in the course of, or in connection with, the provision of Services requested by the relevant Users;
ii. verifying and authenticating the identity of its Users;
iii. managing use of, or subscription to, the Services, including for example, creating and managing user accounts;
iv. providing, maintaining, improving and delivering content and Services. For example, LOA may collect anonymous analytics and statistical information from its users to verify the effectiveness of the Services, the frequency of access or conducting statistical analysis;
v. facilitating any potential token sale organized by LOA, including carrying out any KYC checks on potential purchasers and holders of such tokens;
vi. where a User has agreed to receive marketing and advertising communications, informing such User of new service developments, customized services, events and other customized marketing and advertising information.
vii. communicating with Users, such as responding to, handling, and processing queries, requests, applications, complaints and feedback;
viii. conducting investigations or internal audits, or taking action, including in relation to any violation of the laws or terms and conditions applicable to the use of the Website or any of the Services;
ix. complying with any applicable laws, regulations, codes of practice, guidelines or rules or to assist in law enforcement and investigations conducted by any governmental or regulatory authority;
x. any other purposes for which the relevant User has provided the personal data;
xi. transmitting to any third parties (including, for example, third party service providers and agents and relevant governmental and regulatory authorities, whether in Singapore or elsewhere) for the aforementioned purposes; and
xii. any other purposes which are necessary, ancillary or consequential to the above.
b. LOA may continue to collect, use, disclose or otherwise process personal data for any of the purposes listed above, even in situations where the User's relationship with LOA (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable LOA to enforce its rights against the User).
c. LOA will collect, use, disclose and otherwise process the User's personal data only for the purposes set out in Article 5(a) and only to the extent allowed under the Data Protection Legislation. LOA will not collect, use, disclose and otherwise process the User's personal data for any other purpose save where:
i. the User consents to such collection, use, disclosure and processing of the personal data;
ii. the personal data has been processed to be personally unidentifiable, and will be used for statistical analysis; or
iii. where such collection, use, disclosure and processing are otherwise required by law or upon lawful request by governmental authorities.
LOA may disclose personal data to third parties:
a. where such disclosure is required for LOA to perform its obligations in the course of or in connection with its provision of the Services requested by the User; or
b. where such disclosure is to a third-party service provider, agent or other organization performing any of the functions listed in Article 5 on behalf of LOA.
a. LOA shall only transfer personal data outside Singapore in accordance with the Data Protection Legislation.
b. Each User agrees, acknowledges and consents that due to the nature of the Services, personal data may be stored or processed in any country where LOA has operations (including but not limited to Singapore, the Republic of Korea) or engages third party service providers.
LOA may outsource the handling of Users' personal data to third party service providers for the purposes of performing KYC checks, anti-money laundering checks, countering terrorism financing checks and/or any other checks as required by the applicable laws on the Users. For the purposes of such handling:
a. LOA may disclose and transmit the personal data to its third-party service provider.
b. LOA may disclose and transmit the following types of personal data to the third-party service providers.
c. The personal data may be disclosed and transmitted by LOA to the third-party service providers who will store and retain such personal data in not limited but including Singapore and the ROK
d. The personal data will be disclosed and transmitted to the third-party service provider immediately upon LOA's receipt of the personal data; and
e. The third-party service provider shall protect and retain the personal data in accordance with LOA's written instructions.
a. LOA shall retain personal data for as long as is necessary to fulfill the purpose for which the personal data was collected, or as required or permitted by the applicable laws.
b. LOA will cease to retain personal data, and remove the means by which the personal data can be associated with individual Users, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
a. LOA shall destroy the personal data in accordance with Article 10(b) within 5 days from the date when the period for retention of the personal data under Article 9 expires.
b. LOA will destroy the personal data by any of the following methods:
i. Personal data recorded or stored on paper: by shredding or by incinerating; or
ii. Personal data stored electronically: by deleting the files permanently using technical methods such as low-level formatting so that the records cannot be recovered.
a. A User can withdraw his/her consent for the collection, use, disclosure and processing of personal data at any time by writing to LOA's Data Protection Officer at the email address set out at Article 20 below.
b. Upon receipt of the request to withdraw the User's consent, LOA will require a reasonable time to process the request and for LOA to notify the User of the consequences of such withdrawal, including any legal consequences which may affect the User's rights and liabilities. In general, LOA shall seek to process the request within 30 calendar days of receiving the same.
c. Depending on the nature and scope of the withdrawal of consent, in certain cases, LOA may not be able to continue providing the User with certain Services.
d. The User's withdrawal of consent does not affect LOA's right to continue to collect, use, disclose and process personal data where such collection, use, disclosure and processing without consent is permitted or required under the applicable laws.
a. A User may make:
i. an access request, for a copy of that User's personal data which LOA holds, or for information about the ways in which LOA uses or discloses that User's personal data; or
ii. a correction request, to correct or update any of the personal data which LOA holds about that User, by contacting LOA's designated Data Protection Officer, whose details are set out at Article 20.
b. Where the User requests for correction or deletion of the personal data, LOA will not use or provide the personal data of that User until the correction or deletion of the personal data is complete, and will response to the User's request in good faith. If the correction or deletion is deemed to be necessary due to any errors in the personal data or expiration of the retention period, LOA will take necessary measures without delay.
c. LOA may ask the User to verify his/her identity and for more information about the request. Where LOA is legally permitted to do so, LOA may also refuse the request with or without providing the User with any reasons for doing so.
d. Where the User has made an access request, LOA may charge a reasonable administrative fee to cover the costs of responding to such request. If LOA decides to do so, LOA will provide the User with a written estimate of such fee before processing such request.
The User may exercise such User's rights under this Chapter 6 through his/her legal representative or agent. In this case, the User shall submit a power of attorney under the relevant Data Protection Legislation to LOA.
b. LOA uses the cookies for the following purposes:
i. maintenance of the User's access session;
ii. analysis of service visits and uses; and
iii. secured access.
c. The User has the option to install the cookies. Accordingly, the User may permit all cookies, or go through confirmation whenever the cookies are saved, or reject saving of all cookies, by configuring his/her web browser appropriately. However, if the User rejects the installation of the cookies, this may adversely affect the User's browsing experience, and the User may also face difficulties in using the Services.
a. LOA shall take reasonable steps to secure and protect personal data in its possession by implementing measures to secure and protect such personal data as required to comply with the Data Protection Legislation, including:
i. reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks to personal data; and
ii. security precautions safeguarding all electronic storage and transmission of personal data.
b. While LOA strives to use commercially acceptable means to protect personal data, no method of transmission over the Internet or method of electronic storage is completely secure and LOA cannot ensure absolutely the security of any personal data in its possession or control.
c. To the fullest extent permitted by the law, LOA shall not be liable in any manner for any losses arising from any unauthorized collection, use, disclosure or otherwise processing of personal data.
LOA has established and is executing an internal management plan to ensure secured processing of the personal data.
The User's personal data is encrypted for storage and management, such that only the User and the appropriate LOA staff have access to it.
LOA takes reasonable measures to control access to the personal data by granting, changing or revoking access to the database system that processes the personal data as necessary, and controls unauthorized access from external networks by using firewalls.
The User may notify the following staff of any complaint related to the protection of personal data that may occur when using the Services, or to request for access to or correction of personal data:
Name: Ethan Han
b. If LOA wishes to obtain additional consent from the User in order to use the personal data or outsource handling of the personal data to a third-party service provider beyond the scope agreed by the User, LOA will individually give the Users a written notice prior to doing so.
The User may make inquiries about remedies or consultations available for infringement on the personal data to the institutions set forth below, which are independent from LOA. If the User is not satisfied with the results of LOA's own handling the complaints or the remedy related to the personal data or needs more information, he/she may contact the Personal Data Protection Commission of Singapore at the contact details set out on https://www.pdpc.gov.sg/.