Privacy Policy

Thank you for your trust and support, we understand the importance of your personal information, we will take appropriate measures to protect your personal information. NOW, THEREFORE, Tiger, which includes Tiger Brokers (NZ) Ltd, Tiger Brokers (AU) Pty Ltd, Tiger Brokers (Singapore) Pte Ltd and other related companies (hereinafter “We”) has instituted this Privacy Policy (hereinafter “this Policy/this Privacy Policy”) and hereby reminded you of:

This policy applies to products or services provided by Tiger. If our affiliates use products or services provided by Tiger without an independent legal declaration or privacy policy, this policy shall also apply to such products or services.

This Policy has a close relationship with your use of our products and services. Please be sure to read this Policy carefully before using any of our products and services, and use the relevant products and services after you acknowledge that you fully understand and agree to this Policy. By starting to use each of our products or services, it represents that you fully understand and agree to this Policy and agree that we will collect, use, store, share and protect your related information in accordance with this Policy. Your personal information will be treated strictly in accordance with Privacy Act in relevant jurisdictions including

·      The Australian Privacy Principles in the Privacy Act 1988 and the Privacy Amendment (Enhancing Privacy Protection) Act 2012;

·      The Privacy Act 1993 and Amendments and relevant Acts in New Zealand;

·      The Personal Data Protection Act 2012 (PDPA) and relevant Acts in Singapore; and

·      The Cybersecurity Law of the People's Republic of China and Law of the People's Republic of China on the Protection of Consumer Rights and Interests (2013 Amendment) and relevant laws and regulations in China.


If you have any questions about this Policy or related matters, please contact us through our customer service.

This Policy will help you understand the following:

1.     How we collect and use your personal information

2.     How we use cookies and similar technologies

3.     How we share, transfer and publicly disclose your information

4.     How we protect your information

5.     More rights or information of individuals covered by GDPR

6.     Your rights

7.     How we protect minors' information

8.     How does your information move globally

9.     How is this Policy updated

10.  How to contact us.


1.      How we collect and use your personal information

When you use our products and/or services, your personal information needs/may need to be collected and used include the following two types:

1.1  To provide you with the basic functions of our products and/or services, you must authorize us to collect and use the necessary information. If you refuse to provide such information, you will not be able to properly use our products and/or services;

1.2  Information you have chosen to authorize us to collect and use in order to provide you with additional functionality for our products and/or services. If you refuse to provide this information, you will not be able to use the related additional features or achieve the desired results, but it will not affect your normal use of the basic features of our products and/or services.

You understand and agree that:

1.3  We are committed to developing a diverse range of products and services to meet your needs, as we provide you with a large number of products and services and the scope of specific products/services chosen to be used by different users, therefore, the basic/additional functions and the type and scope of personal information collected and used will vary accordingly. Please take the specific functions of products/services as the standard.

1.4  In order to bring you a better product and service experience, we continue to strive to improve our technology, with which we may launch new or optimized features from time to time, and may need to collect, use, or change the purpose or way personal information is used. In this regard, we will otherwise explain to you the purpose, scope and use of the relevant information by updating this Policy, pop-up window and webpage reminder and provide you with methods in your sole discretion to approve the same, and collect and use such information upon express consent from you. If you have any questions, comments or suggestions during such process, you may contact us by the contact information provided on our website and we will answer your questions as soon as possible.

We will implement the following functions of this Policy to collect and use your personal information:

1.5  Help you to be our user so that you can be served online

To comply with laws and regulations and to provide you with more personalized and convenient service, when you register as a user, you need to at least provide us with a mobile phone number or email address to create an account and perfect relevant internet identity information (such as avatar, nickname and login password); if you only need to use the browsing, search and other functions, you need not register to become a user of us and provide the above information.

Authorized Login: In order to make it easy for you to sign up or log in with a third party account, we may obtain your account information from the third party and bind it with your account, so that you can sign in directly and use our products and/or services. We will use your relevant information within the scope of your authorization and consent pursuant to the agreement with a third party.

1.6       The information you offered when using our service

(1)  Performance of anti-money laundering obligations and real-name system management in accordance with laws and regulations and regulatory provisions

When you apply for opening an account, you shall provide your identity information as required in accordance with laws, regulations and regulatory provisions, including name, nationality/country of legal residence, type/number of valid identity certificate, email address, resident address information, family status (marital status, number of family members), date of birth, personal signature format and face identification information; If your nationality, place of birth, legal residence and place of tax payment are inconsistent, you are also required to fill in the country of birth, country of jurisdiction for tax payment and tax identification number; if your permanent address is different from the ID address, you are required to separately provide documents to prove your address (for example, water and electricity bill/bank statement/driver license/housing property certificate/household register, etc. which contains address information).

(2)  Perform the "Know Your Client" assessment, client rating and risk rating evaluation in accordance with laws, regulations and regulatory provisions

According to the requirements of laws and regulations, at the time of opening your account, we need to assess and rate your investment appropriateness, and provide you with a risk rating assessment,  we need you to provide occupational status, asset information (scope of net current assets, scope of net assets, scope of total assets, and scope of net annual income) and investment experience information (trading years and times of different varieties, and investment preferences). When you are employed or starting a business, you will need to provide detailed employment information, including company name, location and address, industry, and position. If you or your immediate family member is a regulator, you also need to fill in the name of the regulator and the stock code of the listed company; when you are a student or retiree, you only need to fill in the source of fund information.

(3)  Deposit/Withdrawal of Fund

When you deposit/withdraw funds from your account, based on risk control and anti-money laundering requirements, you need to provide your bank card account number, name of bank card holder (which must be consistent with the name of the securities account) and information about the amount of funds deposited/withdrawn.

(4)  Customer Service

To ensure the security of your account and system, we need you to provide us with the necessary personal information to verify your identity when you contact us or file a dispute or personal account application.

For the convenience of contacting you and to help you resolve the problem as soon as possible or to record solutions and results of related problems, we may maintain records of your correspondence/telephone conversations with us and the relevant content (including account information, order information, other information you provide to substantiate the relevant facts, or contact information you left), and we will use your account information and order information if you make inquiries, complaints or suggestions with respect to a specific order.

We may also use additional information about you, including the information you provided when contacting customer service and the replies you sent to us when you participated in the survey, to provide reasonable service and to improve the quality of service.

1.7  Personal information that we may collect while you are using the service

In order to comply with laws and regulations and meet the basic requirements for the provision of services and ensure the security of your account and system operation, we will collect and store relevant information generated during your use of our services as web logs, including:

(1)  Equipment Information

To ensure security, stability, and risk prevention for the service, we need to record your device model, unique device identifier, operating system, IP address, resolution, app download channel, current app version number, and app language settings information.

(2)  Operation Log Information

When you use our community and information services, in order to recommend more interesting information and improve your experience, we automatically collect the necessary blog information, including posts, comments, comments, follow-ups, favorites, searches, browsing, sharing information.

1.8  To provide you with other additional services

To provide you with a more convenient, high-quality, personalized product and/or service, and work to enhance your experience, our mobile app will ask for some necessary system permissions from your device.

 

location based services

We will provide with better market services in different countries according to the current location information of mobile devices.

camera/webcam based

add-on Services

Take ID cards and other documents/materials with the camera/webcam authority turned on, or take photos for evaluation and sharing, as well as face recognition authorized by you in a specific scene and other functions. When you use this add-on feature for face recognition, we collect your facial features and use them strictly within the scope of your authorized use, In the future, if we plan to use your facial information to provide you with other products and/or services, we will confirm with you again.

additional services based on photo album (photo gallery) visits and uploads

You can use this feature to upload your photos/pictures after you open the album permission to change your head picture, make comments, share, upload ID cards and other supporting materials.

Additional Microphone-

based voice technology related services

You can use the microphone to provide voice feedback to the customer service or to communicate with the customer service after you turn on the microphone. Even if you have agreed to turn on microphone permissions, we will only get voice information from the microphone when you actively tap the microphone icon in the client or record a video.

additional services based on address book information

This permission allows you to more conveniently invite contacts in your address book to register in Tiger.

additional services based on calendar

After you authorize reading or writing access to your calendar, we will read/record the dates of corporate actions you follow to your system calendar for prompt alerts.

additional services based on fingerprint and face recognition

Our app provides a secure add-on service for fingerprint or face recognition instead of transaction passwords to secure transactions and access to transaction or capital account interfaces, allowing you to gain a more secure experience.

You understand and agree that such additional services may require you to enable access to your location (geo-location), camerawebcam, photo album (photo gallery), microphone (voice), contact book, and/or calendar on your device in order to enable the collection and use of information with respect to those rights. You may review the status of these authorizations item by item in your device settings, and may enable or disable these authorizations at any time at your sole discretion. Please note that by enabling any permission, you authorize us to collect and use related personal information to provide corresponding services to you. Once you disable any permission, you cancel the permission on your behalf. We will no longer continue to collect and use related personal information based on the corresponding permission, nor will we be able to provide services to you. However, your decision to turn off permissions does not affect the collection and use of information previously based on your authorization.

1.9  To provide you with safety assurance

In order to improve the security of your use of our services, protect your personal information and property safety or other users or the public from being infringed upon, better prevent phishing sites, fraud, network vulnerabilities, computer viruses, network attacks and intrusions as well as other security risks, and more accurately identify violations of laws and regulations, we may use or integrate your personal information, transaction information, device information, service log information as well as the information that our affiliates and partners have obtained your authorization or shared according to laws to comprehensively identify the risks of your account, conduct identity verification, detection and prevent security incidents, and take necessary recording, auditing, analysis and disposal measures according to the law.

1.10         In accordance with relevant laws, regulations and national standards, we may collect and use your personal information in accordance with law without your authorization if the following circumstances apply:

(1)  Directly relevant to the national security and national defense security;

(2)  Relates directly to public security, public health or important public interest; and

(3)  Those directly related to criminal investigation, prosecution, trial and execution of judgments;

(4)  Your consent cannot be obtained in a timely manner for the purpose of protecting your or others’ material legitimate rights and interests such as life and property;

(5)  The personal information collected is made public to the society by yourself;

(6)  Collect your personal information from legally disclosed information, such as legal news reports, government information disclosure and other channels;

(7)  It is necessary for the execution and performance of this Policy in accordance with your requirements;

(8)  Necessary for maintaining the safe and stable operation of the Services provided, such as detection and handling of service failures;

(9)  Required for lawful news reporting;

(10) Academic research institutions conduct statistics or academic research based on the public interests, and provide external academic research or description results, and conduct de-identification of the personal information contained in the results;

(11) Other circumstances stipulated by relevant laws and regulations.

1.11         Miscellaneous

Please understand that the services we provide to you are constantly updated and evolving. If you choose to use other services that are not covered by the above instructions, we will inform you of the scope and purpose of the information collection through page prompts, interaction processes, and agreement, subject to your consent. We will use, store, provide external service and protect your information in accordance with this Policy and the corresponding client service agreement; if you choose not to provide the above information, you may be unable to use a certain service or part of the service, but your use of other services shall not be affected.

 

2.     How we use cookies and similar technologies

2.1  Cookie

A cookie is a small text file created by a web site server and saved on a user's browser, and when a user visits a web site server, the web site can access cookie information. In addition to being used to identify users, cookies can also be used to store user information and track user access behavior.

We do not use cookies to collect and track any information or behavior about a user, other than to verify the user's identity and login status.

You can manage and delete cookies according to your preferences, and most browsers have the ability to disable or delete cookies from your system. Note that blocking cookies can cause some features on our website or system to not work or work effectively, which can affect your experience.

2.2  Cookie homogeneity technology

In addition to cookies, we use Authorization or Web Beacon and other similar technologies on the web site, Authorization is an HTTP protocol header that is passed behind the browser and the server of the Internet, instead of a cookie use,the Web Beacon can calculate who browses the web or access some cookies. We use Authorization to record your identity and collect information about your web browsing activities through the Web Beacon, such as Internet Protocol (IP) Address, Browser Type, Internet Service Provider (ISP), Visited Pages, Operating System, Date/Time Stamp, Click Data Stream, and so we can learn more about and improve our products and services.

2.3  SDK technology

We use third-party SDKs embedded in our mobile apps, and some of them collect some of your information, such as:

2.3.1        The “Alipay Payment” SDKs are used to purchase the payment services and will collect unique identification information about your device.

2.3.2        We used the Aurora Message Push SDK for the APP Message Push Service, which collects unique identification and location information for your device.

2.3.3        We use a XiaoNeng Customer Service SDK for customer service consulting services, which will apply for voice microphone, camera photo permissions.

We will conduct strict security monitoring of APIs, SDKs and other SDKs that grant partners access to relevant information and agree with such authorizing partners on strict data protection measures to enable them to process personal information in accordance with our delegated purpose, service instructions, this Policy and any other relevant confidentiality and security measures.

 

3.      How we share, transfer and publicly disclose your information

3.1       Sharing

(1)    Business Assistance

We undertake to keep your personal information strictly confidential. Unless otherwise required by laws, regulations and regulatory authorities, we will only share your information with a third party, including our affiliated companies, cooperative financial institutions and other partners, in the following circumstances. If we need to share your information with a third party in order to provide services to you, we will evaluate the legitimacy and necessity of the third party's collection of information. We will require third parties to protect your information and strictly comply with the relevant laws, regulations and regulatory requirements. In addition, we will obtain your consent in accordance with laws, regulations and national standards by way of confirmation agreement, copyright-confirmation in specific scenes, pop-up reminder and other means, or confirm that a third party has obtained your consent.

A.   Certain products or services may be provided by a third party or jointly by us and a third party, Therefore, we need to submit your identity information, contact information, professional information, asset information, investment information and order information to third parties (including liquidators and exchanges) in order to provide the products or services that you need;

B.    With your prior consent, we will share your information with a third party to the extent permitted by laws and regulations and not against public order and good morals within the scope of your authorization.

(2)  Information validation

As required by laws and regulations, in order to effectively identify you, we will provide your name, date of birth, gender and ID number information to the third party authentication provider during the account opening process, so that we can identify you as a legitimate and valid customer, complete the account opening for you and provide follow-up services.

(3)  Supervisory Review

Relevant regulatory bodies, self-regulatory associations or competent organizations (including but not limited to various exchanges and governmental authorities) may request that we provide you with account and transaction information for purposes of supervision and inspection to confirm whether we have complied with our legal obligations.

(4)  Complaint Handling

If you make a complaint against us or another person or are complained against, to protect your and another person’s legitimate rights and interests, we may keep your name, contact information and content relevant to the complaint in the customer service system provided by a third party supplier and may provide the same to the consumer rights and interests protection department and regulatory authorities so that we may resolve complaints and disputes in a timely manner, except where such provision is expressly prohibited by laws and regulations. 

3.2  Transfer

We will not transfer your personal information to any company, organization or individual except in the following circumstances:

(1)  Obtain your consent in advance;

(2)  In accordance with laws, regulations or mandatory administrative or judicial requirements;

(3)  Where the transfer of assets, acquisition, merger, reorganization or bankruptcy liquidation is involved, if the transfer of personal information is involved, we will inform you of the relevant situation, and require the new companies and organizations that hold your personal information to continue to be bound by this Policy. If the purpose for the use of personal information is changed, we will request the company or organization to obtain your consent.

3.3       Disclosure to the public

We do not disclose your information in principle except for the desensitized display of the winner's mobile phone number or user nickname when announcing some of the winners. If any public disclosure is required, we will obtain your consent by notifying you of the purpose of such public disclosure, the type of information to be disclosed and any sensitive information that may be involved.

3.4  In accordance with relevant laws, regulations, policies and standards, we may share, transfer and publicly disclose your personal information in accordance with law without your consent in the following circumstances:

(1)  Directly relevant to the national security and national defense security;

(2)  Relates directly to public security, public health or important public interest;

(3)  Those directly related to criminal investigation, prosecution, trial and execution of judgments;

(4)  Your consent is difficult to obtain for the purpose of protecting your or other individuals’ material legitimate rights and interests such as life and property;

(5)  The personal information you disclose to the public by yourself;

(6)  Personal information collected from legally and publicly disclosed information, such as legal news reports, government information disclosure and other channels.

Please understand that, in accordance with applicable laws, if we take technical and other necessary measures to process personal information so that the data recipients cannot re-identify specific individuals and are unable to restore the same, you shall not be required to separately notify and obtain your consent for the sharing, transfer and public disclosure of such processed data.

 

4.     How we protect your information

4.1  We have taken reasonable and practical security measures in line with industry standards to protect your personal information against unauthorized access, public disclosure, use, modification, destruction or loss of data. We will take all reasonable and feasible measures to protect your personal information. We take physical, technical and administrative security measures to mitigate the risks of loss, misuse, unauthorized access, disclosure and alteration, including, but not limited to, transport-level data encryption, firewall and encrypted storage, physical access controls, and information access authorization controls. We've set up a security program to protect your information from unauthorized access. For example, you can communicate with all of our network communications and we ensure encryption is protected with encryption (SSL). Your personal information is encrypted and stored on our server with high strength encryption. We will use a trustworthy protection mechanism to prevent malicious attacks on personal information; we will deploy strict data access authority control and multiple identity authentication technologies to protect personal information and avoid illegal access and use of data. In the use of personal information, such as personal information presentation, personal information correlation calculation, we will use a variety of data desensitization techniques including content replacement, SHA256 to enhance personal information security. We strengthen the audit of personal information security by adopting automatic code security check and data access log analysis technology.

4.2  We have an advanced data management system, which focuses on data life cycle, to improve the security of the whole system from organization construction, system design, personnel management, product technology and so on. For example, we establish the data classification system, data security management rules and security development rules to regulate the storage and use of personal information. We require all employees to sign a confidentiality agreement. we hold training courses on security and privacy, and strengthens employees' understanding of the importance of protecting personal information and conducts operations in strict accordance with protection requirements by such means as assessment and review as well as including data protection in their daily assessment. Enhance security certification and services, we have passed the ISO27001 certification.

4.3  If you are an EU user, under the GDPR terms, in addition to providing systematic personal data protection, our Security Department - Personal Information Protection Commissioner will act as Data Protection Officer (DPO) to be fully responsible for your data protection.

4.4  We will take all reasonable and practical measures to avoid collecting unrelated personal information and will retain your personal information only for such periods of time as is necessary to achieve the purposes described in this Policy, unless an extension of the retention period is required or is permitted by law.

4.5  Please understand that the Internet is not an absolutely secure environment. We strongly recommend that you use our products and services in a secure, sophisticated and reliable manner to help us secure your account. If you find that your personal information is leaked, especially if your account or password is leaked, please contact us immediately according to the contact information provided in this Policy so that we can take appropriate measures.

4.6  In the event of a personal information security incident, we will inform you of the basic situation and possible impact of the incident, the measures we have taken or will take, the recommendations you can take to prevent and mitigate the risks, and the remedial measures you have taken. We will inform you by mail, letter, telephone or push notification. When it is difficult to inform each user one by one, we will take reasonable and effective way to publish announcements. At the same time, we will also report the disposal of information security incidents according to regulatory requirements.

 

5.     More rights or information of individuals covered by GDPR

If your personal information is established in the European Economic Area (‘EEA’), then with regard to personal information that is protected by the Common Data Protection Ordinance (‘GDPR’), you enjoy a range of legal rights with respect to the personal information that you retain at us. Such rights include:

5.1  Obtain information about your personal information processing and access to your personal information retained in our company. Please note that in certain circumstances we have the right to deny access to copies of personal information, and in particular, information that is specifically protected by law and regulation.

5.2  If your personal information is inaccurate or incomplete, you may request us to correct it, but if we require you to provide a copy of your valid identity document to prove the authenticity of your identity information, please cooperate.

5.3  In some cases, you can ask us to delete your personal information. Please note that under certain circumstances (such as for public interest, public health or scientific and historical research purposes) we reserve the right to retain your personal information even if you request us to delete it.

5.4  In some cases, you may refuse the processing of your personal information by us, and you may request us to limit the processing of your personal information. Similarly, in some cases, we have the right to reject your request even if you object or request us to limit the processing of your personal information. If there are other legal reasons, we also have the right to continue without your permission to use or deal with.

According to the GDPR clause, in addition to providing systematic measures for the protection of personal data, we will also set up a Data Protection Officer (DPO) to take full charge of your data protection.

We will evaluate all the requests and complaints we have received and provide you with timely responses. We may request that you provide copies of valid identification documents so that we may fulfill our security obligations and protect against unauthorized data disclosures. If your request for access to data is manifestly unfounded or extraordinary.  

For GDPR-protected personal information, we may be able to transfer your personal information outside the EEA for specific licensing purposes. We will ensure that any such international transmission is properly protected under GDPR or other relevant laws.

 

6.     Your Rights

In accordance with relevant laws, regulations and standards as well as common practices in other countries and regions, we guarantee that you exercise the following rights with respect to your personal information:

6.1       Access your personal information

(1)    You have the right to access your personal information, subject to exceptions provided by laws and regulations;

(2)    You can manage the binding of your account by logging on to our app homepage and entering Me page. Click Settings in the upper-right corner to access and change information such as your phone and mailbox in Account Management and Security Setting. Modify your profile in Me - Personal Homepage - Edit, including your picture, nickname, bio. Modify your logon and transaction passwords under Me- Settings - Security Setting.

(3)    You can login to our website homepage to enter the "Me" page, modify personal information, including mobile phone number, mailbox, login password, etc.

(4)    You can login to our PC homepage, click "Settings" to enter the "Account Management" page, modify personal information, including nicknames, profile, mobile phone number, mailbox, login password;

(5)    You can view your transactions on our website and in our apps;

(6)    If you are unable to access the above information, you can contact the customer service, we will reply to your request within 30 days or 20 working days;

(7)    If you are an EU user, you will have the right to request that we access your personal data and transfer it to another data controller under the GDPR terms.

6.2       Correct your personal information

You can correct or supplement your personal information in the way listed in Access to Your Personal Information.

If you are unable to manage this personal information in this way, you can contact our customer service at any time. We will respond to your request for access within 30 days.

6.3       Delete your personal information

You can request us to delete your personal information in the following cases:

(1)  If we process your personal information in a manner contrary to the provisions of relevant law;

(2)  If we collect and use your personal information without your consent;

(3)  If we process personal information in serious violation of the terms of the agreement with you;

(4)  If you no longer use any of our products or services, or you have actively closed an account;

(5)  If we no longer provide any product or service to you;

(6)  If you are an EU user, you are entitled to request us to delete your personal data according to GDPR terms.

If we decide to respond to your request for deletion, we will also notify the entities that receive your personal information from us of the request to delete it in a timely manner, unless otherwise required by relevant law or regulation, or if they receive your separate authorization. When you remove information from our services, we may not immediately remove that information from the backup system, but we will remove it when we back up updates.

6.4  Protect your personal information

You can protect your personal information by using a complex password without revealing your logon password or account information to anyone. Once you reveal your account number and password, it may have adverse consequences for you. If you find that your account and password have been leaked or will be leaked for any reason, please contact our customer service immediately so that we can take appropriate measures. But we are not responsible for this until we are aware of it and act within a reasonable period of time.

When you sign in to our website or app, especially on a public device, tap Me - Settings - Sign Out to sign out immediately after the session ends.

We will not be liable for any loss of third party access to your personal information due to your failure to protect the confidentiality of your personal information. If you discover any unauthorized use or other security breaches, you can notify us immediately. Your assistance will help us to protect your personal information better.

6.5  Change the scope of your authorized consent or revoke your authorization

You may change the scope of our continuous collection of personal information or revoke your authorization by deleting information, turning off the functions of the device or otherwise. You may also revoke our full authorization to continue to collect your personal information by cancel your account.

You understand that each business function requires some basic personal information to complete. After you withdraw your consent or authorization, we cannot continue to provide you with the service for which you withdraw your consent or authorization, and we will no longer process your personal information. However, your decision to withdraw your consent or authorization will not affect the processing of personal information previously conducted based on your authorization.

6.6  Cancel your account

You may apply for the cancellation of your account by:

(1)    You can submit your account cancellation request in the "Help Center" - "Privacy Security" - "How to cancel your account" on the "Me" page.

(2)    Contact our customer service staff for assistance in applying to cancel your account.

After you log out of your account, we will stop providing you with products or services, delete your personal information according to applicable laws, or make it anonymous.

6.7  Constrained information system automatic decision

In some business functions, we may make decisions based solely on non-human automatic decision-making mechanisms such as information systems, algorithms, etc. If these decisions significantly affect your legitimate rights and interests, you have the right to request us to explain, we will also provide without prejudice to our trade secrets or other rights and interests of users, social public interests.

6.8  Respond to your request above

For security, you may be required to provide a written request or otherwise certify your identity. We may ask you to verify your identity before you process your request. We will give an answer within 30 days or 20 working days. If you are not satisfied, you can also make a complaint through our customer service. For your reasonable request, we do not charge fees in principle, but for repeated, beyond the reasonable limit of the request, we may refuse or as appropriate charge a certain cost. In particular, we have the right to reject requests for information that is not directly related to your identity, information that is repetitive for no reason, or requests for which too much technical means are needed (for example, requests necessary to develop a new system or fundamentally change existing practices), which result in risks to the legitimate rights and interests of others or which are impractical.

We shall have the right to reject your request in accordance with relevant laws and regulations in the following circumstances:

(1)  Related to national security or national defense security;

(2)  Related to public security, public health and major public interests;

(3)  Related to criminal investigation, prosecution, trial and enforcement of judgments;

(4)  There is sufficient evidence to prove that who has malicious intention or abuses his or her right;

(5)  Response to your request will seriously impair the legitimate rights and interests of you or other individuals or organizations;

(6)  Involving trade secrets.

 

7.     How we protect minors' information

7.1  We attach great importance to the protection of the personal information of minors. If you are a minor under the age of 18, you shall obtain prior written consent of your parents or guardian before using any of our products and/or services. We protect the personal information of minors in accordance with relevant laws and regulations. If you are a minor, according to the relevant laws and regulations, we may refuse certain services to you.

7.2  In the case of collection of personal information of a minor with the consent of his or her parents or guardians, we will use or disclose such information only to the extent permitted by laws and regulations and expressly consented to by such parents or guardians or necessary for the protection of the minor.

7.3  If we find ourselves collecting personal information about a minor without the prior consent of a verifiable parent or guardian, we will try to delete the data as soon as possible.


8.     How does your information move globally

The personal information collected and produced within the territory of relevant area will be stored within the territory of corresponding area, except for the following circumstances:

8.1  The applicable laws have specific provisions; and

8.2  Get your explicit authorization;

8.3  You obtain cross-border services directly through the Internet and commit other acts on your own initiative.

In response to the above, we will ensure adequate protection of your personal information under this Policy.

 

9.     How is this Policy Updated

Our Privacy Policy may be updated and adjusted from time to time.

Without your consent, we will not limit your rights under this Policy. We'll show you the latest version of the Privacy Policy on a special page (e.g. Me → Settings → Privacy Policy). We will also provide even more significant notifications for major changes (including notifying you or even providing you with pop-up tips).

Material changes referred to in this Policy include but are not limited to:

9.1  Our service model has changed significantly. For example, the purpose of processing personal information, the type of personal information processed, the way to use personal information, etc.;

9.2  We have a significant change in control and other aspects, such as mergers and acquisitions caused by the information controller change;

9.3  Changes to the main objects of sharing, transfer or public disclosure of personal information;

9.4  There are significant changes in your right to participate in personal information processing and the way in which you exercise such right;

9.5  Changes in the department, contact information and complaint channel responsible for handling personal information security;

9.6  Personal information security impact assessment report shows that there is a high risk.

 

10.  How to contact us

10.1 If you have any questions, comments or suggestions relating to this Policy or to your personal information, please contact us at https://www.itiger.com, via email to service@ tigerbrokers.com or by dialing our customer service phone number 400-603-7555, etc.

10.2 We have the Security Department, the Personal Information Protection Commissioner, which you can contact by sending an email to security@ itiger.com.

10.3 Under normal circumstances, we will reply to your comments within twenty business days after receiving them. If you are not satisfied with our reply, especially if you think that our personal information processing behavior has damaged your legitimate rights and interests, you can also complain or report to the relevant regulatory departments.

10.4 Our Contact address in China: 18/F, Guanjie Building, Taiyanggong Middle Road, Chaoyang District, Beijing.

10.5  Our Contact details in New Zealand: New Zealand Privacy Commissioner, Level 13, 51 – 53 Shortland Street, Auckland

Phone +64 (09) 302 8680

10.6 Our Contact details in Australia: Office of the Australian Information Commissioner, Level 3, 175 Pitt Street, Sydney

Phone from within Australia 1300 363 992

Phone from outside Australia +61 2 9284 9749

Email: enquiries@oaic.gov.au


Tiger Singapore Privacy Supplement

Effective date: November 1, 2019

This supplement is produced for Tiger Brokers (Singapore) Pte Ltd (“TBSPL”). At TBSPL, we understand that your privacy is important, and we endeavor to protect your personal information.

1.   Purpose of Privacy Supplement

Tiger Singapore is bound by and acts in accordance with the Personal Data Protection Act 2012 (PDPA) and relevant Acts in Singapore (“Privacy Requirements”). As part of the Tiger Group, TBSPL collects and manages your personal information in accordance with group standards as well as with Privacy Requirements. Please read the Tiger Group’s Privacy Policy (add link to the policy) (“Policy”) in conjunction with this supplement.


2.   What information and how do we collect?

We collect your personal information when you register for an account with us or use our services or products.

In addition to the personal information we collect from you during account opening, we may collect information about you from public registers, including government administered databases, or other information aggregating services when we assess your application for an account, or any of the products and services we offer.

As part of the account opening requirement, we may collect or verify your personal information via telephone. Your agreement to this supplement constitutes your acknowledgement and acceptance of such calls.

We generally do not collect your personal data unless:

(a)    it is provided to us voluntarily by you directly or via a third party who has been duly authorized by you to disclose your personal data to us after (i) you (or your authorized representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorized representative) have provided your consent to the collection and usage of your personal data for those purposes, or

(b)    collection and use of personal data without consent is permitted or required by the PDPA or other laws. TBSPL shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you in the Policy or this Supplement. (except where permitted or authorized by law).


3.   What do we use your personal information for?

We may collect and use your personal data for any or all of the following purposes:

(a)       performing obligations in the course of or in connection with our provision of the goods and/or services requested by you;

(b)       verifying your identity;

(c)       responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;

(d)       managing your relationship with us;

(e)       processing payment or credit transactions;

(f)        sending you marketing information about our goods or services including notifying you of our marketing events, initiatives and promotions, lucky draws, membership and rewards schemes and other promotions;

(g)       complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;

(h)       any other purposes for which you have provided the information;

(i)        transmitting to our affiliates or any unaffiliated third parties including TBSPL’s third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and

(j)        any other incidental business purposes related to or in connection with the above.

The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).


4.   Will your personal information be passed on to any third parties?

We may disclose your personal data:

(a)    where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by you;

(b)    to third party service providers, agents and other organisations we have engaged to perform any of the functions listed in the purposes above for us.

(c)    to affiliates within the Tiger Group;

(d)    to other financial services institutions or similar entities that we deal with as a result of the nature of our business or in relation to the products and services that you utilize (e.g. including third-party services or information providers accessible through our websites, sub-custodians or other third party brokers);

(e)    to external services providers including consulting, legal, accounting or audit firms;

(f)     to regulatory and government bodies in Singapore and in other countries;

(g)    to professional firms engaged by us to match your personal information against government records; or,

(h)    to other third parties as required by a court with jurisdiction.


5.   Will you be able to withdraw your consent earlier provided to us?

Yes. The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.

Upon receipt of your written request to withdraw your consent, we may require reasonable time for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we respond to your request within thirty (30) calendar days of receiving it.

Please note that depending on the nature and scope of your request, we may not be able to continue providing our products or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described above.


6.   Can you access, update, correct your personal data which we hold about you?

Yes. If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below. We will respond to your request as soon as reasonably possible. In general, we respond to your request within thirty (30) calendar days of receiving it.

Please note that a reasonable fee may be charged for an access request. If so, TBSPL will inform you of the fee before processing your request.


7.   How do we protect your personal data?

As we outlined in the Policy, to safeguard your personal data, we have introduced appropriate administrative, physical and technical measures to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorized third party service providers and agents only on a need-to-know basis.

You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.


8.   How long do we retain your personal data?

We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.


9.   What else should you know about data protection?

In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.


10. Transfers of personal data outside of Singapore

We generally do not transfer your personal data to any other entities in the countries outside of Singapore. However, if we do so, typically in cases where provision of the products and/or services requested by you requires us to do so, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.


12. Who to contact?

You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:

Data Protection Officer

Email address: dpo@tigerbrokers.com.sg

Contact number: (65) 6950 8276


13. Effect of notice and changes to notice

We may revise Policy and this Supplement from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.