This Corppass Privacy Statement (the "Privacy Statement") must be read in conjunction with the Corppass Agreement (the "Corppass Agreement"). Unless otherwise stated, all other capitalized terms contained in this Privacy Statement shall have the meaning given to it in the Corppass Agreement.

In this Privacy Statement, (“we”, “us”, “our”) refers to the Government of the Republic of Singapore.

1. The purpose of this Privacy Statement is to inform you of how we collect, use disclose and process the following data and information:
   1. data relating to you;
   2. personal data relating to Authorised Representatives;
   3. information associated with your Account (including but not limited to Corppass, or Account activity or interaction data); and
   4. data and personal data that may relate to Third Parties and is provided by you or Authorised Representatives
   (collectively, “Data”).
Types of Data that we collect
2. We may request certain types of Data from you or your Authorised Representatives in connection with the Use of Corppass and Corppass Materials by you or Authorised Representatives. Examples of the types of Data which we may request and collect include, but are not limited to:
   1. information relating to your Account;
   2. corporate information relating to you, including details relating to your UEN, business registration details or similar registration details, and your contact information and registered office address;
   3. information from data source(s) approved by us relating to you and Authorised Representatives;
   4. information relating to Authorised Representatives and the Devices used by Authorised Representatives such as:
      1. personal information, including but not limited to NRIC numbers and contact information, including mobile phone numbers, email and mailing addresses;
      2. information from such Devices including but not limited to IP addresses, device fingerprint records (including but not limited to information relating to such Devices, including model type, operating system and the state of such Device) and other forms of metadata generated through the Use of the Corppass and Corppass Materials; and
      3. information relating to the Use of Corppass and Corppass Materials, including but not limited to information relating to the usage of the various functionalities, features or clicks on the Corppass Materials, Device permissions such as the permission to push notifications, use location services, use any connectivity services, and other similar information.
3. We may also collect Data through various technologies including but not limited to:
   1. Analytics Tags: Analytics Tags are used by us to analyse the effectiveness of the functionalities and features of Corppass and Corppass Materials and user preferences relating to the Services in order to improve your user experience. We may use information collected through such analytics tags in combination with your Data (such as transaction history and demographic information) to understand more about the profile of our users.
   2. Cookies: Cookies are small data files which are sent to your browser or Device to store and track information about you when you Use Corppass and Corppass Materials. Cookies are also used to improve and maintain the functionality of Corppass and Corppass Materials, and to track information such as the number of users of Corppass and Corppass Materials, their frequency of use, the profile of the users and other similar information relating to the Use of Corppass and Corppass Materials. While these cookies can tell us when you Use Corppass and Corppass Materials, they cannot read data off your hard disk. Not all cookies collect personal data and you may configure your preferences and settings to reject the use of cookies. However, this may mean you may not be able to take full advantage of Corppass and Corppass Materials, including the features or the functionalities of the Corppass and Corppass Materials.
   3. Server Logs: Server logs are files and records of activity created by the Device that you or Authorised Representatives Use Corppass and Corppass Materials from. For example, a web server log may record a history of page requests whereas other logs may record errors, access attempts or other information about your Device, such as your IP address and your Device's cookie settings. We collect and retain such server logs for administrative, security and troubleshooting purposes.
Why we collect Data
4. Data requested and collected from you or Authorised Representatives may be used, disclosed and processed by us for any, some or all of the following purposes:
   1. to assist, process and facilitate your Use of Corppass and Corppass materials, including registering and creating your Account, logging into your Account and your use of any features or functionalities of Corppass and Corppass Materials;
   2. to carry out your instructions or respond to any queries, feedback or complaints provided by (or purported to be provided by) you or on your behalf, or otherwise for the purposes of responding to or dealing with your interactions with us;
   3. to monitor and track your usage of Corppass and Corppass Materials, in order to assist us in understanding your interests, concerns and preferences and improving Corppass and Corppass Materials;
   4. to conduct research, data analytics, surveys, market studies and similar activities, in order to assist us in understanding your interests, concerns and preferences, improving Corppass and Corppass Materials. For the avoidance of doubt, we may also collect, use, disclose and process such information to create reports and produce statistics regarding your transactions with us and your usage of Corppass and Corppass Materials for record-keeping and reporting or publication purposes (whether internally or externally);
   5. to carry out verification checks, due diligence or other screening activities (including background checks) as may be required by us or any other Public Agency;
   6. for the purposes of storing or creating backups of your Data (whether for contingency or business continuity purposes or otherwise), whether within or outside Singapore;
   7. to prevent or investigate any fraud, unlawful or criminal activity or omission or misconduct, or cybersecurity incident, via the use of your Account, whether or not there is any suspicion of the aforementioned, even if the disclosure of such Data may be potentially incriminating;
   8. to deal with conflict of interests investigate complaints in relation to your Account;
   9. to populate Profile Data for the use of Myinfo Business;
   10. to pre-fill any e-form, user registration page or screen on any Approved Recipient’s Channel(s) with your Profile Data;
   11. to contact you or communicate with you on any matters relating to your Use of Corppass and Corppass Materials, including but not limited to the purposes set out above, via email, push notifications or such other forms of communication that we may introduce from time to time depending on the functionality of Corppass and Corppass Materials and your Device;
   12. for us or other Public Agencies to contact you or communicate with you for purposes which include facilitating the discharge of public functions by us or such Public Agencies, and the conduct of market research, surveys and promotional activities by Public Agencies;
   13. for purpose(s) that do not appear above where permissible under any written law.
   (collectively, the "Purposes").
5. With regard to Data provided by you or Authorised Representatives which we have collected as part of the provision of Corppass or its features or functionalities:
   1. unless prohibited by written law, we may share, transfer and disclose Data with any of the following third parties:
      1. third parties approved by us to use Corppass and its features or functionalities (such as Approved Recipients);
      2. relevant third party service providers in connection with the provision of Corppass and Corppass Materials;
      3. law enforcement authorities, investigative bodies, regulatory bodies;
      4. Public Agencies; and
   2. for your convenience, we may also display to you Data you had previously supplied us. This will speed up the transaction(s) and save you the trouble of repeating previous submissions. Should such displayed Data be out-of-date, you shall be required to supply the latest Data through the relevant functionality in Corppass without delay.
Data of Third Party
6. In the course of your Use of Corppass or Corppass Materials, you or Authorised Representatives may provide or we may collect Data relating to Third Parties from you.
   1. You shall, prior to disclosing to us such Data relating to Third Parties:
      1. notified these Third Parties (a) that you will be providing their personal data to us; and (b) of the purposes for which we will be collecting, using, disclosing and processing their personal data, as set out in this Privacy Statement and as notified by us to you from time to time; and
      2. obtained consent from the Third Parties whose personal data are being disclosed, permitting (a) you to disclose the personal data to us; and (b) us to collect, use, disclose and/or process these individuals' personal data, for the Purposes.
   2. Where this involves the personal data of Third Parties, you represent and warrant that:
      1. the personal data that you will be providing us is accurate, complete and true; and
      2. that you have the valid authority and consent from these Third Parties to act on their behalf and provide their personal data to us to collect, use, disclose and/or process for the Purposes.
How we handle and manage Data
7. Data may be stored in servers, systems or devices (whether located within or outside Singapore) owned, operated or managed by us, and/or our third party service providers, or on the Device, and may be used by us (or our third party service providers) and Approved Recipients to facilitate your Use of Corppass and Corppass Materials.
8. You may withdraw your consent to the use and disclosure of Data by us with reasonable notice and subject to any prevailing legal or contractual restrictions; however, doing so may prevent the proper Use of Corppass or Corppass Materials or part thereof, and may also result in the cessation of your Use of Corppass or Corppass Materials, or any part thereof to you. We may also continue to retain, use, disclose and process your Data for any of the Purposes set out herein notwithstanding your withdrawal of consent where permitted under any applicable law.
Changes to Privacy Statement
9. We reserve the right to change, modify, or supplement the Privacy Statement at our discretion and at any time, by posting the changed, modified or supplemented Privacy Statement on or through the Corppass Website, or through such other means as we may deem appropriate. Your continued Use of Corppass and Corppass Materials following the posting of any change, modification or supplement will constitute your acceptance of such change, modification or supplement. If you do not agree to any change, modification or supplement to the Privacy Statement, please do not Use Corppass or Corppass Materials. Please also check our Privacy Statement regularly to ensure that you are kept informed of the latest changes to the same.

Version History/Change Log – Corppass Privacy Statement

Date of Changes

Summary of Key Changes The key changes are summarized below for your convenience only. Please read through the updated terms carefully.

1 December 2023

Clause 1: We clarified the types of data and information that is collected, used, disclosed and processed under the definition of "Data". Clauses 4.7, 4.8, 4.11 and 5: We clarified the purposes for which Data may be used, disclosed and processed. Clause 6: We clarified that Data relating to other individuals may be provided by you or your Authorised Representatives through your Use of Corppass or Corppass Materials.