Privacy Policy

1. Personal Data

1.1 In this Policy, "Personal Data" means (a) all data that falls within the definition of personal information, personal data, personally identifiable information or similar language under the Privacy Act and any applicable law related to the protection, privacy and security, collection, use or disclosure of sensitive or other personally identifiable information (collectively, "Data Protection Laws"); (b) all personally identifiable information including name, residential or business address, email address, telephone number, photograph, account number, driver's license, passport, social security or government issued identification number; and (c) all other information relating to or associated with such personally identifiable information.

1.2 Examples of such Personal Data which you may provide to us could include (depending on the nature of your interaction with us):

• your name, addresses, telephone numbers, email addresses, ID or passport number, photographs, video images, contact preferences, date of birth, medical records, biometric information (including fingerprints and facial images) and any other information relating to you which you have provided us in any form you may have submitted to us, or via other forms of interaction with you;
• information about your use of our Platform, including cookies, information about your domain name, IP addresses, subscription account details and membership details; and
• your payment related information, such as your bank account or credit card information, and your credit history.

2. Collection of your Personal Data

2.1 Generally, we may collect your Personal Data in the following ways, depending on the nature of your interaction with us:

• when you register your details with our company representatives;
• when you enter into any agreement or provide other documentation or information in respect of your interactions with us;
• when you submit your Personal Data to us when you enter our property and/or premises and/or when your images are captured by us via CCTV cameras while you are within our property and/or premises, or via photographs or videos taken by us or our representatives when you attend our events;
• when you complete our sales orders, requests or applications for our products and services (by phone, in person, mail, or electronically);
• when you interact with our staff in relation to our products and services, including customer service officers, for example via telephone calls (which may be recorded), direct mails, fax, face-to-face meetings, social media platforms, emails or any other means;
• when you use and/or subscribe to any of our products and services such as assembly/installation services, training services and/or any of our maintenance and after sales service program;
• when you conduct certain types of transactions such as payments;
• when you interact with us during promotions, competitions, contests, special events, workshops or respond to any request for additional Personal Data;
• when we receive your Personal Data from business partners, public agencies, your exemployer, referral intermediaries, and any third parties or the relevant authorities, for example where you have been referred by business partners or where we have sought information about you in connection with your relationship with us, including for our products and services or job applications; and/or
• when you submit your Personal Data to us for any other reason.

2.2 Without prejudice to the generality of Clause 2.1, we may collect information about the computer, mobile telephone, smart phone or other device you use to access our Platform.

2.3 When you browse our Platform, you generally do so anonymously but please see Clause 9 below for information on cookies, web beacons and other technologies which we have implemented on our Platform. We do not, at our Platform, automatically collect Personal Data unless you provide such information to us.

2.4 If you provide us with any Personal Data relating to a third party (e.g. referral information from existing customers), by submitting such information to us, you represent to us that you have 3 obtained the consent of the third party to provide us with their Personal Data for the respective purposes.

2.5 Where consent is not obtained, Info-Tech Systems Integrators Pte Ltd may collect, use and disclosed personal data pursuant to an exception under the PDPA or other written law when the use is necessary for the following scenario:

• To respond to an emergency that threatens your life, health and safety or of another individual
• Necessary in the national interest, for any investigations or proceedings

3. Purposes for Collection, Use, Disclosure and Processing of Personal Data

3.1 Subject to the provisions of any applicable law, generally, we may collect, use and disclose your Personal Data for the following purposes depending on the nature of your interaction with us:

• to communicate with you;
• to assess, process and provide products, services and/or facilities to you, including performing obligations in the course of or in connection with our provision of the goods and services requested by you;
• to administer and process any payments related to products, services and/or facilities requested by you or your commercial transactions with us;
• to establish your identity and background;
• to respond to your enquiries, feedback, requests or complaints and/or resolve any issues and disputes which may arise in connection with any dealings with us
• to facilitate your participation in, and our administration of, any events including workshops, promotions, contests or campaigns; to maintain and update internal record keeping
• for internal administrative purposes, or managing and planning the administrative and business operations of Info-Tech and complying with internal policies and procedures;
• to share any of your Personal Data pursuant to any agreement or document which you have duly entered with us for purposes of seeking legal and/or financial advice and/or for purposes of commencing legal action;
• for detecting, conducting any form of investigation and preventing fraudulent, prohibited or illegal activities and analysing and managing commercial risks, including those relating to disputes, billing, fraud, offences, prosecutions etc;
• for enabling us to perform our obligations and enforce our rights under any agreements or documents that we are a party to;
• to transfer or assign our rights, interests and obligations under any agreements entered into with us;
• for meeting any applicable legal or regulatory requirements and making disclosure under the requirements of any applicable law, regulation, direction, court order, by-law, guideline, circular or code applicable to us;
• to enforce or defend our rights and your rights under, and to comply with, our obligations under the applicable laws, legislation and regulations;
• for purposes required to operate, maintain and better manage our business and your relationship with us; which we notify you of at the time of obtaining your consent;
• facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales);
• matching any Personal Data held which relates to you for any of the purposes listed herein;
• managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
• monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes; and/or
• in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations.

3.2 In addition, we may collect, use and disclose your Personal Data for the following purposes, depending on the nature of our relationship with you:

• If you have an account with us:
  • to process your account and to maintain your account with us;
  • administering and processing your requests including creating and maintaining profiles of our users in our system database for administrative purposes (including but not limited to tracking your use of the Platform); and/or
  • administering debt recovery and debt management.
• If you are an employee, officer or owner of a vendor, contractor or other external service provider, or prospective vendor, prospective contractor, or other prospective external service provider of Info-Tech:
  • to conduct appropriate due diligence checks;
  • to evaluate your organisation's suitability as a vendor, contractor, and external service provider for Info-Tech and to conduct background checks on you;
  • to create and maintain profiles of our vendors, contractors, and external service providers in our system databases;
  • to process and facilitate necessary actions and processes for the purposes of the work or engagement of said vendor, contractor, and external service provider;
  • to respond to emergencies;
  • for facilities management purposes (including but not limited to issuing visitor access passes and facilitating security clearance); and/or
  • to communicate with your deployed staff, after award of contract, who are in our properties to carry out work or services, and for any emergency or/and security concerns.

3.3 Furthermore, where permitted under Data Protection Laws, Info-Tech may also collect, use and disclose your Personal Data for the following "Additional Purposes":

• taking or filming photographs and videos for corporate publicity or marketing purposes, and featuring your photographs and/or testimonials in our articles and publicity materials and/or on our website;
• providing or marketing services and benefits to you, including promotions, service upgrades, loyalty, reward and/or membership programmes (including event invitations, newsletters and marketing and promotional information to you pursuant to such membership programmes);
• organising roadshows, tours, campaigns and promotional or events and administering contests and competitions;
• matching Personal Data with other data collected for other purposes and from other sources (including third parties) in connection with the provision or offering of services;
• sending you details of services, services updates and rewards, either to our customers generally, or which we have identified may be of interest to you;
• aggregating and analysing customer profiles and data to determine patterns and trends, understanding and analysing customer behaviour, location, preferences and demographics for us to offer you other products and services as well as special offers and marketing programmes which may be relevant to your preferences and profile;
• to provide you with information and/or updates on our products, services, upcoming promotions offered by us and/or events and product launch events organised by us and selected third parties which may be of interest to you from time to time;
• for direct marketing purposes via phone call and/or any other appropriate communication channels to you on our services and products, in accordance with your consent; and/or
• to share any of your Personal Data with our business partners to jointly develop products and/or services or launch marketing campaigns.

3.4 You have the rights regarding Info-Tech collection, use or disclosure of your personal data. If you choose not to provide us the personal data as described in this notice, we may not be able to perform our obligations as stated in clause 3. You have the rights to object to the processing of your personal data and withdraw your consent in the manner described in Clause 6 and 11.

3.5 If you have provided us with your Australia telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your Australia telephone number(s), then from time to time, Info-Tech may contact you using such Australia telephone number(s) (including via voice calls, text, fax or other means) with information about our products and services.

3.6 In relation to particular products or services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal 6 Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.

3.7 Info-Tech shall undertake to protect personal data in its possession or under its control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks;

4. Disclosure of Personal Data

Subject to the provisions of any applicable law, your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in Australia:

• third party service providers, agents and other organisations we have engaged to perform any of the functions with reference to the above mentioned purposes;
• amongst Info-Tech staff in Australia and overseas to carry out their job obligations with appropriate technical and organizational measures in place; to assist with the resolution of technical support issues relating to the Software, whether via ticketing system, telephone calls or otherwise.
• any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any mergers, acquisitions and debt or asset sale);
• relevant government regulators, government ministries, statutory boards, embassies or authorities and/or law enforcement agencies, whether local or overseas, to comply with any directions, laws, rules, guidelines, regulations or schemes issued or administered by any of them; and/or
• any other party to whom you authorise us to disclose your Personal Data.

5. Request for Access and/or Correction of Personal Data

5.1 You have the right, under the PDPA, to make:

• an access request for access to a copy of the Personal Data which we hold about you or information about the ways in which we use or disclose your Personal Data; or
• a correction request to correct or update any of your Personal Data which we hold,

by submitting your request in writing or via email to our Data Protection Officer ("DPO") at the contact details provided below. Subject to the provisions of Data Protection Laws, we will endeavour to respond to your access and/or correction request within 30 days after receiving such request. If we are unable to respond to your access and/or correction within 30 days after receiving such request, we will inform you in writing within 30 days of the time by which we will be able to respond to the request.

5.2 Depending on the scope and nature of the work required to process your access and/or correction request, we may be required to impose a fee to recover our administrative costs. This will be assessed on a case-by-case basis by our DPO. Where such a fee is to be imposed, we will inform you of the fee before processing your request. Please note that we will only process your request once you have agreed to the payment of the fee. In certain cases, we may also require a deposit from you before we process the access request. You will be notified if a deposit is required, if any.

6. Request to Withdraw Consent

6.1 You have the right, under the PDPA, to withdraw your consent for the collection, use and/or disclosure of your Personal Data in our possession or under our control for any or all of the purposes listed above by submitting your request in writing or via email to our DPO at the contact details provided below.

6.2 Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. Therefore, you may still receive communication during this period of time.

6.3 If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, Info-Tech may not be in a position to continue to provide its products and services to you, or administer any contractual relationship in place, which in turn may also result in the termination of any agreements with Info-Tech, and your being in breach of your contractual obligations or undertakings. Info-Tech's legal rights and remedies in such event are expressly reserved.

6.4 Please note that withdrawing consent does not affect our right to continue to collect, use and disclose Personal Data where such collection, use and disclose without consent is permitted or required under applicable laws.

7. Administration and Management of Personal Data

7.1 We generally rely on you to ensure that any Personal Data provided by you (or your authorised representative) is accurate and complete in all respects. In order to ensure that your Personal Data is current, complete and accurate, please promptly update us if there are changes to your Personal Data by informing our DPO in writing or via email at the contact details provided below. Until you have informed us otherwise, we will treat your Personal Data (as provided by you or your authorised representative) as accurate and complete.

7.2 We may retain your Personal Data for as long as the purpose for which that Personal Data was collected is being served by retention of the Personal Data, retention is necessary for legal or business purposes, or as required or permitted by applicable laws.

8. Transfers of Personal Data outside of Australia

Where applicable, your Personal Data may be stored in external servers located overseas. In addition, as described above, in the course of our business operation needs, we may be required, from time to time, to transfer your Personal Data with and between our related corporations and/or organisations and their affiliates, and third party service providers, some of which may be located in countries outside of Australia. For example, your personal data stored in the Software may be transferred overseas for support functions. The personal data transfer will be in accordance with requirements prescribed under the PDPA or applicable data protection law to ensure that organization provide a standard of protection to personal data. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected. For more information on the security, please refer to the Security White Paper.

If you are in Australia, we may disclose your Personal Data to overseas recipients located in the following countries: Singapore, Malaysia and India.

9. Use of Cookies, Web Beacons, and Other Technologies

9.1 When you visit or interact with our Platform, we or our authorised service providers may use cookies, web beacons, and other similar technologies for collecting and storing information to help provide you with a better, faster, and safer web experience

9.2 The information collected by us or our authorised service providers may recognise a visitor as a unique user and may collect information such as how a visitor arrives at our Platform, what kind of browser a visitor is on, what operating system a visitor is using, a visitor's IP address and a visitor's click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).

9.3 The use of cookies, web beacons and similar technologies by us on our Platform has different functions. They are either necessary for the functioning of our services, help us improve our performance, or serve to provide you with extra functionalities. They may also be used to deliver content that is more relevant to you and your interests, or to target advertising to you on or off our Platform.

Cookies - Small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognise a particular device or browser. There are several types of cookies:

• Session cookies expire at the end of your browser session and allow us to link your actions during that particular browser session.
• Persistent cookies are stored on your device in between browser sessions, allowing us to remember your preferences or actions across multiple sites.
• First-party cookies are set by the site you are visiting
• Third-party cookies are set by a third party site separate from the site you are visiting.

Cookies can be disabled or removed by tools that are available in most commercial browsers. The preferences for each browser you use will need to be set separately and different browsers offer different functionality and options.

[Web beacons - Small graphic images (also known as "pixel tags" or "clear GIFs") may be included on our Platform. Web beacons typically work in conjunction with cookies to profile each unique user and user behaviour.]

[Similar technologies - Technologies that store information in your browser or device utilising local shared objects or local storage, such as flash cookies, HTML 5 cookies, and other web application software methods. These technologies can operate across all of your browsers.]

We may use the terms "cookies" or "similar technologies" interchangeably in our policies to refer to all technologies that we may use to collect or store information in your browser or device or that collect information or assist in identifying you as a unique user in the manner described above.

9.4 The Platform and certain site features and services are available only through the use of these technologies. You are always free to block, delete, or disable these technologies if your browser so permits.

However, if you decline cookies or other similar technologies, you may not be able to take advantage of the Platform and certain site features or services tools. For more information on how you can block, delete, or disable these technologies, please review your browser settings.

10. Third-Party Sites

Our Platform may contain links to other websites operated by third parties, including for example our business partners. We are not responsible for the data protection practices of websites operated by third parties that are linked to our Platform. We encourage you to learn about the data protection practices of such third party websites. Some of these third party websites may be co-branded with our logo or trade mark, even though they are not operated or maintained by us. Once you have left our Platform, you should check the applicable privacy policy of the third party website to determine how they will handle any information they collect from you.

11. Contacting Us - Withdrawal of Consent, Access or Correction of Data

11.1 If you:

• have any questions or feedback relating to your Personal Data or about this Policy;
• would like to withdraw your consent to any use of your Personal Data as set out in this Policy; or
• would like to obtain access and make correction to your Personal Data records, please contact us as follows:

Data Protection Officer
Info-Tech Systems Integrators Pty Ltd
Level 16, Tower 2 Darling Park,
201 Sussex Street,
Sydney NSW 2000
Email: sales@info-tech.com.au
Phone: +61 2 7201 9808

11.2 Where it is an email or a letter through which you are submitting a complaint, your indication at the subject header that it is a PDPA complaint would assist us in attending to your complaint speedily by passing it on to the relevant staff in our organization to handle. For example, you could insert the subject header as "PDPA Complaint".

11.3 Please note that if your Personal Data has been provided to us by a third party (e.g. your employer), you should contact that organisation or individual to make such queries, complaints, and access and correction requests to Info-Tech on your behalf.

12. Updates to this Policy

We may from time to time amend the terms of this Policy, at our absolute discretion, to ensure that this Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of this Policy as updated from time to time on our Platform at https://www.info-tech.com.sg/privacy-policy You are encouraged to visit the above website from time to time to ensure that you are well informed of our latest policies in relation to personal data protection.

13. Governing Law

This Policy shall be governed in all respects by the laws of Australia.