Privacy Policy

 

I. About this Privacy Policy

This Privacy & Cookie Policy (“Privacy Policy” or “Policy”) describes how Anduril Pte. Ltd. (UEN 201835719C) and its affiliates (collectively, “GSG”) manages Personal Data in accordance with the Personal Data Protection Act 2012 of Singapore (“PDPA”) in relation to its clients. By virtue of Article 27(2)(a) of GDPR, GSG is not required to appoint a data representative within the EU. We continuously monitor how we process personal information regarding persons situated in the EEA and will update this section in the event that the exemption at Article 27(2)(a) no longer applies to GSG.

The words “we”, “us”, “our” or any of their derivatives shall refer to the GSG. The words “you”, “your”, “yours” or any of their derivatives shall refer to the person registering for and using the services provided by GSG.

This Privacy Policy applies whenever you: (i) use our website; (ii) subscribe, sign up or opt in to receive any marketing materials or publications; or (iii) use any of the other services that we offer to our clients (together the “Services”). By registering for and using Services as provided by GSG, you are taken to have agreed to this Privacy Policy and our collection, use, processing, and disclosure of your Personal Data in accordance with this Privacy Policy and as may be amended from time to time.

If you disagree with this Privacy Policy, you should stop using our Services immediately and contact us to withdraw your consent towards the collection, use, and disclosure of your Personal Data.

 

II. Collection of Personal Data

In this Privacy Policy, we adopt the definition of Personal Data as defined in the PDPA, which means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access. We shall notify you of the purposes for which your Personal Data will be collected, used, or disclosed before or at the time of such collection, and we will only do so with your consent, unless exemptions under applicable law apply.

We may collect the following non-exhaustive Personal Data from you or such other third parties you have duly authorised to disclose your Personal Data (“authorised third party”) when you use any of the Services provided by GSG:

  1. Personal details, including your name, unique identification numbers (such as your national identity card or passport number), gender, date of birth, country of birth, citizenship, residential or business addresses, telephone number, any personal or business email addresses, photographs, and copies of your current government issued identity card, driving license, or passport;
  2. Employment details, including employment status, title or position, employer, type of industry, and office address;
  3. Financial information, including source of wealth, annual income, net worth, accredited investor status, bank account details or wallet address details, and copies of documentary evidence over your source of wealth and/or source of funds;
  4. Internet Protocol (“IP”) address and other location information including but not limited to your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and such geographical location data;
  5. Session technical information and session information, including but not limited to transaction record data, full Uniform Resource Locators (“URL”), clickstream to, through, and from our servicer (including date and time), items viewed or searched, page response times, and page interaction information.
  6. Any other information publicly available and accessible; and
  7. Any other information required for GSG to maintain and process your use of the Services, including in accordance with our Agreement with you, including but not limited to our correspondence with you, account trading history, transaction data, and session information, session technical information.

We rely on the accuracy and completeness of the Personal Data provided by you or your authorised third party to provide the Services to you. We may take reasonable steps to verify the accuracy and completeness of the Personal Data if it is likely to be used to make a decision that affects you or to be disclosed to another organisation. Please inform us if there are any changes to your Personal Data by contacting our Investor Relations Team at ir@gsgasset.com. You are responsible for ensuring that all Personal Data provided to us is complete, accurate, and up to date. We may rely on such data to assess your suitability and provide Services to you. Please promptly inform us of any changes.

We store and process all of your Personal Data in Singapore, where our operations team is based. We may process your Personal Data overseas where required by business processes, including for purposes not limited to various onboarding procedures (e.g. know-your-customer (KYC) and know-your-business (KYB)) and in compliance with the PDPA and local laws.

 

III. Purpose of Collection, Use, and Disclosure of Personal Data

We collect, use, and disclose Personal Data where necessary to perform our obligations to you, to comply with legal requirements, or where we have a legitimate interest in doing so. By providing such Personal Data, you represent and warrant that all such data is complete and accurate and that you have obtained any third-party consent where required. You agree that GSG shall not be liable for any loss arising from inaccurate or unauthorised data disclosures made by you.

We collect, use, and disclose your Personal Data for the following non-exhaustive purposes (the “Purposes”):

  1. Identifying and verifying your identity and the accuracy of your personal details;
  2. Assessing and evaluating your suitability to use the Services;
  3. Complying with our Anti-Money Laundering and Countering the Financing of Terrorism (“AML/CFT”) requirements, and generally applicable AML/CFT laws such as Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act 1992, and Terrorism (Suppression of Financing) Act 2002 of Singapore;
  4. To provide the Services to you in accordance with our Agreement with you;
  5. To support and improve our Services to you and generally.

In carrying out the Purposes, we may disclose your Personal Data internally on a confidential basis to certain employees or to third party service providers and professional advisors on a strict and legitimate need-to-know basis.

We may disclose your Personal Data to the following non-exhaustive third-party service providers:

  1. Our related affiliates and their respective employees, officers, and directors;
  2. Cloud service providers to store and back-up data;
  3. KYC and CDD service providers to conduct anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) checks;
  4. Where required by law, law enforcement agencies, public authorities, or judicial bodies and organisations including but not limited to, the Singapore Police Force and the Monetary Authority of Singapore (“MAS”);
  5. Such other third party that acquires all or substantially all of us or our business; and
  6. Such other third party required to provide the Services to you.

Third parties to whom we have disclosed your Personal Data may not be located in Singapore but elsewhere. We ensure that any disclosure of your Personal Data overseas is in compliance with the PDPA.

We may provide links to other third-party sites, applications, and APIs as a convenience to you (collectively, the “Third Party Links”).

Please exercise care when visiting or using any Third Party Links. The Third Party Links have separate and independent privacy policies, notices and terms of use which govern your use of such tools and their use of any information they collect.

We recommend you read these policies carefully. We disclaim all liability for personal information you provide to any Third Party Links.

 

IV. Cookies

Our Site, gsgasset.com, contains “cookies”, small text files containing small amounts of information which are automatically downloaded into your computer (or another electronic device) when you access to this Site.

Cookies help us to measure the number of visits, average time spent, page views and other statistics relating to your access to this Site. This information allows us to better administer this Site and provide a more tailored and user-friendly service to our users.

Cookies also enable you to use or access certain features or services of this Site. Each time you visit this Site from the same computer or device, the cookie will be retrieved from your computer or device, enabling this Site to recognise your computer or device as having previously visited the Site and thereby increase the functionality of the Site on your computer or device. As such, we use cookies to: (i) recognise your browser as a previous visitor and save any preferences that may have been set during your last visit to this Site; (ii) obtain information about your preferences, online movements and use of the Internet; (iii) track website analytics and carry out research and statistical analysis to help improve our content, products and services and to help us better understand our visitors’ or customers’ requirements and interests; (iv) customise and target our marketing and advertising campaigns and those of our partners more effectively by providing personalised interest-based advertisements; (v) measure and research the effectiveness of our interactive online content, features, advertisements, and other communications; (vi) make your online experience more efficient and enjoyable.

We may obtain information about your computer or other electronic device such as your IP address, your browser and/or other internet log information.

Further information about cookies, including how to see what cookies have been set on your computer or device and how to manage and delete them, visit www.allaboutcookies.org and www.allaboutcookies.org.

 

V. Security

We implement commercially reasonable administrative, physical, and technical safeguards to protect Personal Data against loss, misuse, unauthorised access, modification, or disclosure. These include access controls, encryption, firewalls, secure servers, and regular staff training. We also review our security arrangements to ensure that Personal Data is adequately protected at all times. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of the information transmitted to our Services; any transmission of your information is at your own risk.

 

VI. Withdrawal of Consent

We shall retain personal data for as long as it is reasonable to assume the need for retention, to fulfil the purposes for which such data was collected, our business purposes, or as is otherwise required under any applicable laws. You have the right to know whether we process personal information about you, and if we do, to access personal information we hold about you and certain information about how we use it and who we share it with by requesting for such information to privacy@gsgasset.com. You may withdraw your consent towards our collection, use, processing, or disclosure at any time by contacting our Data Protection Officer and giving us 14 business days of notice from the date in which we receive your withdrawal notice. We may continue to retain Personal Data even after withdrawal of consent if required under applicable law, including for compliance with AML/CFT regulations or legal obligations.

We may need more time to process the withdrawal of your consent depending on the circumstances and in such circumstances, we will inform you of the time frame in which we will process the withdrawal of consent.

Please indicate the purposes in which you withdraw your consent for, bearing in mind the Section titled “Purpose of Collection, Use, and Disclosure of Personal Data” If you do not indicate which purpose in which you withdraw your consent for, we may be unable to process your withdrawal of consent.

As noted above at Purpose of Collection, Use, and Disclosure of Personal Data, all of the Purposes are mandatory. This means that should you withdraw your consent for any mandatory Purpose, we may be unable to continue our business relationship with you. This may incur legal consequences.

 

VII. Retention of Personal Data

We will retain your personal information as described below (except if otherwise required to be retained by applicable law): (i) Information you give us (Name, address, e-mail address and phone number, cryptocurrency wallet address, bank account information). This information is retained for the period for which you hold your account. (ii) Information we collect about you (website visit and browsing information for each session (including technical information), location information, IP address, transaction data). This information is retained for the period for which you hold your account and then deleted within 30 days of a lawful, valid request to exercise your legal rights to deletion of such information. (iii) Information we receive from others source or that is required to comply with AML or KYC policies (financial information, copies of personal identification documents (including copies of your passport and/or driver license) and photograph). This information is retained for the period for which such information must be retained under applicable law in the countries in which we operate. Once retention is no longer necessary for legal or business purposes, we will securely destroy or anonymise such Personal Data.

 

VIII. Changes to the Policy

We may amend this policy at any time by posting a revised version on the Website. The revised version will be effective at the time we post it. We encourage you to periodically check this page for the latest information on our Privacy Policy.

 

IX. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of Singapore without regard to choice or conflicts of law principles and you hereby agree to submit to the exclusive jurisdiction of the courts of Singapore to resolve any claims or disputes which may arise in connection with this Policy.

 

X. Data Protection Officer

You may contact our Data Protection Officer at privacy@gsgasset.com if you have any queries, feedback or requests. You may request access to the Personal Data we hold or request for rectification of any inaccurate Personal Data by submitting your request via email to our Data Protection Officer.

You may withdraw your consent towards the collection, use, and disclosure of your Personal Data for any or all of the Purposes by submitting your request via email to our Data Protection Officer. Please note that in the event that you withdraw your consent towards the collection, use, and disclosure of your Personal Data for any or all of the Purposes, we may be unable to provide the Services to you and will cease to provide such Services to you. Please note that your right to access or correct Personal Data may be limited under applicable law, including where such data is collected for compliance with anti-money laundering, terrorism financing, or other regulatory obligations under Singapore law (e.g., CDSA, TSOFA), or where disclosure may prejudice investigations or legal proceedings. All requests must be made in writing and include sufficient detail for us to verify your identity and understand the scope of your request.

We aim to respond to your request as soon as reasonably possible but no longer than 14 business days from the date of receipt of your request.