Privacy Policy

Update date: October 23, 2023

PLEASE READ THESE TERMS CAREFULLY AS THEY MAY HAVE IMPORTANT CONSEQUENCES FOR YOU.

This Privacy Policy (“Policy”) applies to all individuals who hold accounts and receive Services from us.

The purpose of this Policy is to inform you of how we manage personal data which is subject to Singapore's Personal Data Protection Act 2012 (No. 26 of 2012) as may be changed from time to time (the “PDPA”). Please read this Policy so that you know and understand the purposes for which we collect, process, disclose, manage, and protect your personal data.

By accessing or using any Services offered by us, you agree and consent to THUNDER CLOUD PTE. LTD. (with its affiliates, the “Company”), as well as their respective representatives collecting, using, disclosing, and sharing amongst themselves your personal data, and disclosing such personal data to the Company's authorized service providers and relevant third parties in the manner outlined in this Policy.

This Policy does not supersede or replace any earlier consents you may have provided to us, and supplements all such pre-existing consents concerning the collection, disclosure, and/or use of your personal data.

If you, at any time, have any queries on this Policy, please do not hesitate to contact our Data Protection Officer (the “DPO”) at 2 VENTURE DRIVE #06-09 VISION EXCHANGE SINGAPORE (608526) Email: thunderhyperx.sg@gmail.com

Sections 1. COLLECTION OF PERSONAL DATA

We collect some personal data to make your use of our Services possible. There are several ways in which we may collect personal data from you, different types of personal data may be collected depending on the way you use our Services.

Personal information you submit

We collect, process, or host personal information you provide.

• Contact information: when you subscribe to our Services, register for a Premium Account, or set up authentication, we may collect your contact information, such as email address.
• Communications with us: when you interact with our customer support, sales, or other departments, via telephone calls, letters, face-to-face meetings, emails, or social media, we may record the communications for security and customer services purposes.
• Billing information: when you make purchases for any of our specific services, we may collect your billing information, including payment details, payment instrument organization, debit/credit card number, security code, etc.
• Content: we may collect the digital content you upload and store, including documents, files, videos, photos, images, etc.
• Clipboard Data: we may collect information about the link URL in your clipboard to help you more quickly check and save the links you are interested in, such data is only used for this time and will not be stored.
• Others: we may collect any other information you voluntarily provide to us.

Personal information we collect by automated means

We also collect and use personal information by automated means while you use our Services.

• Cookie or similar technologies: when you visit our website or applications through the use of cookies or other similar technologies, we may collect your cookie IDs and settings and other personal data.
• Device information: we may collect equipment, network, and technical information, including network data, location data, device identifiers, IP addresses, browser software, operating system, software and hardware attributes.
• Usage information: we may collect usage information related to how you use the Services, including actions you take in your account, including log information, browsing history, product interaction, crash data, browsing patterns, and/or purchasing patterns diagnostic data, and other usage data.

Personal information we receive from other parties

In some cases, we receive personal information from third parties, such as:

• Legal information: when law enforcement agencies or courts order us to take down content from your account, we may initially receive personal information about you and your behavior.
• Additional information: we may collect additional information from other organizations, which include fraud prevention agencies, and credit reference agencies, to carry out risk control, fraud prevention, and compliance procedures.

Sections 2. PURPOSES FOR THE COLLECTION, RETENTION, USE, DISCLOSURE AND TRANSFER OF PERSONAL DATA

We collect, retain, use, and disclose personal data for the following purposes:

• processing your registration for our Services, verifying your identity, and maintaining and managing your account;
• providing you with customer service and responding to your queries, requests, feedback, claims or disputes;
• providing our Services to you;
• processing your purchases;
• carrying out market research, planning, customer surveys, trend analyses, and/or other related forms of data analytics;
• marketing, promoting, improving, and/or further the provision of services to you by us, or by our third-party service providers;
• matching any personal data held that relates to you for any of the purposes listed in this Policy;
• conducting investigations or take action in relation to any violation of any of our terms and conditions for Services, including our Terms of Use;
• performing risk control, legal compliance, and sanctions screening;
• performing screening and checks for unlawful, fraudulent, deceptive, or malicious activities;
• complying with applicable law, legal process, or lawful government request; and
• any other purpose necessary, ancillary, or consequential to the above-specified purposes.

Sections 3. DISCLOSURE OF PERSONAL DATA

We have several partners to operate and improve our Services. Furthermore, we may share your information as part of some of the Services.

• Third-Party Service Providers: we may disclose your personal data to third-party service providers engaged by us to assist with providing you with our services, such as providing customer services to you, contacting you regarding promotions products and services, performing risk control, fraud prevention, and legal compliance procedures, and conducting payment processing services. These third-party service providers may be located in Singapore or outside of Singapore, are engaged under terms compliant with applicable data protection laws and/or appropriate duties of confidentiality to us, and are only permitted to use your personal data in connection with the purposes specified in Sections 2 above.
• Affiliates: we may share your personal data with our affiliated companies, which includes our subsidiaries, our ultimate holding company and its subsidiaries, companies that we control, are controlled by or under common control, and our strategic business partners, and their subsidiaries, in each case in or outside of Singapore and are only permitted to use your personal data in connection with the purposes specified in Sections 2 above, and not for their own purposes.
• Partners: We may establish relationships with third parties to promote the benefit of their products and services. We offer you access to these third parties and their websites by using hyperlinks to these sites on our website or applications. In some cases, you may be required to submit personal data to register or apply for products or services provided by such third parties. This Policy does not apply to these third-party sites. The privacy policy of those other parties may differ from ours, and we have no control over the information you submit to those third parties. You should read the relevant privacy policy for those third-party sites before responding to any offers, products, or services advertised by those parties.
• Successor: We may share personal information with our successor if we sell, buy, merge, or partner with other companies or other businesses, or sell some or all of our assets. In such transactions, user personal data may be among the transferred assets.
• Law Enforcement Agencies: We may share your personal data with law enforcement agencies, public or tax authorities, or other organizations if legally required to do so, or if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
• Others: We may share personal information with others at your direction or with your consent. We may also disclose information about you where there is a lawful basis for doing so if we determine that disclosure is reasonably necessary to enforce our Terms of Use or to protect our operations or users.

Sections 4. SECURITY MEASURES

We use commercially reasonable endeavors to protect the personal data that you provide to us. We will comprehensively use various security protection measures within a reasonable security level to prevent unauthorized access, collection, use, disclosure, copying, modification or disposal, or similar risks and the loss of any storage medium or device on which personal data is stored, this includes internal measures that limit access to personal information to a dedicated set of specialist employees working on improving the safety or quality of our Services.

We strongly recommend that you use a complex password to help us ensure the security of your account. And, please note that you are responsible for managing access to any accounts that you maintain with us. Failure to limit access to your account might enable third parties to have unauthorized access to your personal data and any losses resulting therefrom will be at your own risk.

Nevertheless, no data transmission over the internet or any wireless network can be guaranteed to be perfectly secure. While we try to protect your personal data, you hereby understand and agree that the system and communication network used by you to access the Service may have problems due to circumstances beyond our control, and you acknowledge and accept that your use of our Services is ultimately at your own risk. If you find that any information may or has been leaked, please notify us immediately at thunderhyperx.sg@gmail.com, so that we can take appropriate measures timely to avoid or reduce related losses.

After an unfortunate personal information security incident occurs, we will use commercially reasonable efforts to conduct the assessment of the data breach to determine whether it should be notified to the Personal Data Protection Commission or affected individuals. Where we assess that a data breach is a notifiable data breach, we will notify the Personal Data Protection Commission or affected individual (as the case may be) as soon as is practicable.

Sections 5. TRANSFER OF PERSONAL DATA

We store all data on servers in Singapore. As part of the provision of our Services, we may need to transfer your personal data from Singapore to an overseas jurisdiction. Recipients of the data in these jurisdictions are subject to data privacy laws that have similar data standards to those of the PDPA. Such overseas transfer or processing of your personal data may be necessary to process and administer your customer account and to provide our Services (including providing customer services to you, contacting you regarding promotions, products and services, performing risk control, fraud prevention, and legal compliance procedures, and conducting payment processing services).

Sections 6. PERIOD OF RETENTION AND PROCESSING OF PERSONAL DATA

We retain your personal data as long as you have an account with us, as needed to provide Services to you, to resolve disputes, to serve the purpose of research and statistical analysis, or as required or permitted by applicable laws, such as tax and accounting laws.

We retain your personal data for the purposes described in this Policy where we have an ongoing legitimate business need to do so. The specific retention periods depend on the nature of the personal data and why it is collected and processed, and the nature of the legal requirement. After the expiry of this period, the corresponding data will be routinely deleted, provided the purpose for which that personal data was collected is no longer being served by retention of the personal data and/or retention is no longer necessary for legal or business purposes.

When our products or services are ceased, we will notify you in the form of notification, announcement, etc., and delete your personal data or anonymize it within 90 days, unless otherwise required by relevant law.

When deleting personal data, we will take standard commercially reasonable measures to make the personal data practically irrecoverable or irreproducible. The specific manner of deletion will depend on the data being deleted, how the data was collected and stored, and your interactions with us. Electronic documents or files containing personal data will be deleted using a technical method that makes recovery or retrieval of such information practically impossible or renders the data no longer personally identifiable. Non-electronic documents or files containing personal data will be shredded, incinerated, or both.

Sections 7. DEEMED CONSENT; COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA WITHOUT CONSENT; WITHDRAWAL OF CONSENT

You are deemed to have given your consent for the collection, use, and disclosure of personal data in the following circumstances:

• When you voluntarily provide your personal data to us;
• When you are made aware of our intention to collect, use, or disclose the personal data and the purpose for the same and do not notify us of its non-consent within a reasonable time;
• It is reasonable that the you would voluntarily provide your personal data to us in the circumstances;
• Where the collection, use, or disclosure is reasonably necessary for the conclusion of a contract between the person and us;
• Other circumstances where consent is deemed under the PDPA.

Subject to any applicable requirements under the PDPA, we may collect, use and/or disclose personal data without consent:

• The personal data was disclosed by a public agency and the collection of the personal data is consistent with the purpose of the disclosure by the public agency;
• For business improvement purposes such as improving or enhancing goods or services provided, developing new goods or services to be provided, improving or enhancing the methods or processes, learning about and understanding the behavior and preferences of the user in relation to the goods or services provided, or personalizing or customizing any such goods or services for the user.
• Detecting or preventing illegal services such as fraud and money laundering or threats to physical safety and security (including IT and network security);
• The personal data was disclosed to other organizations or our successors, if we purchase, sell, lease, merge, or amalgamate or any other acquisition, disposal, or financing of any of our business or assets;
• Preventing misuse of Services; and
• Other circumstances where personal data can be collected, used, and disclosed without consent under the PDPA.

You are able to withdraw your consent to our continued use and disclosure of personal data as described in this Policy at any time. Such withdrawal should be made formally in writing to the DPO. We shall process your withdrawal request within a reasonable time (depending on the complexity of the request and its impact on our relationship with you) and cease collecting, using, or disclosing the personal data (as the case may be) unless such collection, use or disclosure (as the case may be) without the individual’s consent is required or authorized under the PDPA or other written law.

You hereby acknowledge that if you withdraw your consent to any or all use of your personal data, depending on the nature of your request, we may not be in a position to continue to provide the Services to you, which may result in the termination of any agreements that you have with us.

Sections 8. RIGHT TO ACCESS AND CORRECT OF PERSONAL DATA

To the extent required by the PDPA, upon your request, we shall provide you with personal data which is in our possession or control, and information about how the personal data has been or may have been used or disclosed by us within a year before the date of the request.

Subject to the PDPA, we may not be able to provide you with your personal data or other information if the provision of that personal data or other information (as the case may be) could reasonably be expected to:

• Threaten the safety or physical or mental health of another individual;
• Cause immediate or grave harm to the safety or to the physical or mental health of you;
• Reveal personal data about another individual;
• Reveal the identity of an individual who has provided personal data about another individual and the individual providing the personal data does not consent to the disclosure of his or her identity;
• Be contrary to the national interest; or
• Other circumstances where personal data are unable to be provided under the PDPA.

If we, by reason of the above, do not provide you with your personal data or other information requested, we will, within a reasonable time and by the requirement of the PDPA, notify the individual of the rejection.

Upon request by you, we may, by the PDPA, correct or complete any personal data found to be error or omission as soon as practicable, unless we are satisfied on reasonable grounds that the correction should not be made. Save as otherwise required under the PDPA, you may only correct any personal data that you have provided to us. We reserve the right to not correct personal data where permitted under the PDPA.

If you would like to obtain access and make corrections to your personal data, please contact our DPO in writing.

Sections 9. OTHER RIGHTS OF THE DATA SUBJECT

• Right to erasure: You shall have the right to obtain from us the erasure of personal data concerning yours, and we shall have the obligation to erase personal data without undue delay, except we are entitled to retain personal data as required by law.
• Right to restriction of processing: You shall have the right to obtain from us restriction of processing where (i) the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data; (ii) the processing is unlawful and you opposes the erasure of the personal data and requests the restriction of their use instead; (iii) we no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; (iv) you have objected to processing pending the verification whether the legitimate grounds of us override those of yours.
• Right to Data Portability: You have the right to receive the personal information concerning you in a structured, commonly used and machine-readable format and to have this information transmitted to a third party, as long as the processing is based on consent or on a contract and the processing is carried out by means of automated procedures.
• Right to Object: If personal information is collected for the purposes of legitimate interests or in the public interest or in the exercise of official authority, you have the right to object to this processing, on grounds relating to your particular situation, at any time. We will no longer process the personal information unless there are demonstrable compelling legitimate grounds for this processing which override your interests, rights and freedoms or which serve in the establishment, exercise or defense of legal claims. You should be cognizant of the fact that exercising your Right to Object may affect the ability of Lovesick to continue providing the requested services.

Sections 10. USE OF COOKIES

We use cookies for the following purposes:

• to enable certain features and functions on our websites or applications ;
• to improve the efficiency of our Services ;
• to administer Services to you and to advertisers ;
• to establish usage statistics ;
• to enable authentication cookies to identify you when you perform online transactions with us ;

Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt out of personalized advertisements on some mobile applications by following the instructions for [Android], [iOS], and [others].

Most internet browsers provide you the option of turning off the processing of cookies, but this may result in the loss of functionality, restrict your use of our Services.

To the fullest extent permitted under PDPA, we cannot be responsible for a third parties’ acts, omissions, data policies or their use of cookies, nor the content or security of any third parties’ websites or applications, even if linked to our websites or applications, and any such liability is expressly disclaimed and excluded.

Sections 11. MARKETING

Our marketing information aim to update you about our exclusive offers, and special deals from our preferred partners and advertisers. If you wish to continue receiving such information or to opt-out, you can notify us to indicate your preference at thunderhyperx.sg@gmail.com

Please note that after opting out, you may still continue to receive non-marketing information, such as product updates and service notices as permitted under applicable local laws and regulations.

Sections 12. PRIVACY POLOCY FOR MINORS

We do not knowingly collect or solicit personal information from anyone under the age of 18 or equivalent minimum age in the relevant jurisdiction (“Minor”) or knowingly allow such persons to use our Services. If you are a Minor, please do not send any information about yourself to us, including but not limited to your name, address, telephone number, or email address.

If we learn that we have collected personal data from Minor, we will delete that information as quickly as possible. If you believe that we might have any information from or about Minor, please contact us at: thunderhyperx.sg@gmail.com

Sections 13. Privacy policies of other websites

Our Services may contain links to other websites or application. This Privacy Policy applies only to our Services, so if you click on a link to another website or application, you should read their privacy policy.

Sections 14. APPLICATION AND RENEWAL OF THIS POLICY

As part of our efforts to ensure that we properly manage, protect, and process your personal data, we may from time to time update this Policy to ensure that this Policy is consistent with future developments, industry trends, and/or any changes in legal or regulatory requirements. We will use commercially reasonable efforts to generally notify all users of any material changes to this Policy, such as by updating the “Last Updated” date at the top of this Policy, which reflects the effective date of such Policy, or through a notice on our website or software applications.

You hereby waive any right to receive specific notice of each such change and agree to be bound by the prevailing terms of this Privacy Policy as updated from time to time. Please ensure that you visit our Policy regularly to obtain updated information on the handling of your Personal Data.

Sections 15. DATA PROTECTION OFFICERS; CONTACT US

Under the PDPA, we are required to designate at least one individual as the DPO to oversee data protection responsibilities and ensure compliance with the PDPA.

The DPO may be contacted at:

2 VENTURE DRIVE #06-09 VISION EXCHANGE SINGAPORE (608526)
Attention: Data Protection Officer

Email: thunderhyperx.sg@gmail.com