Privacy is important to all of us at Cardkins, and you should know what personal information we collect and how we use, store or share this information. Please review this policy and let us know if you have any queries at support@cardkins.com.
Please note for the scope of this policy ‘Cardkins’ means Cardkins Pte Ltd. and all its subsidiaries and the term ‘you’ refers to both people who interact with us as individuals and those who interact with us as representatives of businesses.
Our Commitment
We intend to comply with all applicable regulations and good commercial practices in collecting and handling personal data including the GSMA Mobile Privacy Principles, the DOT eSIM Instructions and KYC Guidelines, the SEBI KYC Guidelines, the proposed Data privacy bills and EU GDPR. As an organization, we have subscribed to a set of principles to be followed by all our personnel and any third parties who handle data when they help us provide services to customers or manage our business.
What and Why we Collect?
We collect your personal data for compliance purposes and to provide you with seamless and uninterrupted services. We ensure that personal data we collect, and the process is adequate, relevant and limited to what is necessary, in relation to our purpose of collection. We may use this data to contact you in case of emergencies or potential interruption in services.
"Contact List" (READ_CONTACTS) Permission is required to share application's respective store link with mobile contact users.
Personal Information
This app functionality requires/requests users to give us contact information (such as their email address) and personal information (such as their names, phone numbers, profile image/picture/photo and address details). The visitor's contact and personal information is used to contact visitors when necessary and requested, but is primarily used to collect personal information necessary to effectively network with other users and visitors on the app or platform. We do not sell, trade, transfer or exchange your personal information with anyone. We do not disclose information about your individual visits to this application and platform, or personal information that you provide, such as your name, address, e-mail address, telephone number, etc., to any outside parties, except when we believe the law requires it. CardKins app uploads a profile image/picture/photo with app user's permission at the time to effectively update their profile. CardKins app asks for permission (for CAMERA and WRITE_EXTERNAL_STORAGE) first from the user for taking image/photo/picture from Gallery or Camera, after which if app user allows it then profile image is updated and uploaded securely.
What do we do with the information we gather?
- To comply with applicable law and regulation (Government Compliance).
- In accordance with our legitimate interests in protecting Cardkins's business interests, and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation).
- To establish and fulfil a contract with you, for example, if you make a purchase from us or enter into an agreement to provide or receive services. This may include verifying your identity, taking payments, communicating with you, providing customer services and arranging the delivery or other provision of products or services. We require this information in order to enter into a contract with you and are unable to do so without it.
- With your express consent to respond to any comments or complaints we may receive from you, or to investigate any complaints received from you, about our portals, or our products or services.
- We may use information to provide you personalized (i) communications; (ii) setting up portal logins, and (iii) products or services for you, in accordance with our legitimate interests.
- To monitor the use of our portals and online services. We may use your information to help us check, improve and protect our products, content, services and website, both online and offline, in accordance with our legitimate interests.
- If you provide a credit or debit card, we may also use third parties (such as POS, payment gateway service providers) to check the validity of your account number and card number that you submit in order to prevent fraud, in accordance with our legitimate interests and those of third parties.
- In circumstances where you contact us by telephone, calls may be recorded for quality, training and security purposes, in accordance with our legitimate interests.
- We may use your information to invite you to take part in market research or surveys if you have given your consent for the same.
How do we protect your personal data and where do we store it?
- Security: Data is at the heart of any online business, whether it is personal data or data about our customers’ devices. We use industry-standard measures to safeguard all data and have a continuous process in place to test the effectiveness of these measures and to review the threat landscape and new tools available. You have a role to play in security as well, and we ask that you use prudent measures to protect against unauthorized access to your account information, including logging out of your account when finished, not sharing your login information and taking other customary security precautions appropriate for the situation.
- Agreements with Affiliates and Other Parties who Process Personal Data: Cardkins is entering into formal agreements based on “standard contractual clauses” that commit us to follow the principles in the first part of this Privacy Policy. When we use a third party to process personal data, we make sure that they make similar promises to us, including agreeing not to access any personal data except as we have agreed with them, or to process data for any purpose other than the agreed purpose.
- Data Storage: The personal data that we collect from you is stored in India on our servers.
- Lawfulness, Fairness & Transparency: All your personal data, in all circumstances, will be processed lawfully, fairly and in a transparent manner in relation to the data subject.
- Accuracy: We take every reasonable step to update or remove data that is inaccurate or incomplete. You have the right to request us to erase or rectify erroneous data related to you, but this must be done within a month of the date of data collection.
- Integrity and Confidentiality: We commit to keeping your personal data safe and protected against unauthorized, or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical, or organizational measures.
- Phishing: We are aware that there are people who may pose as legitimate businesses and try to trick you into disclosing personal information that can be used to steal your identity. We will not request your account login or password, your credit card information or any sensitive data that could be used to steal your identity, in an unsolicited or non-secure email or telephone call. If you believe that someone representing themselves as being associated with Cardkins has requested this information in a contact that you did not request or initiate, please contact us immediately at support@cardkins.com so that we take appropriate steps to find out the details.
With whom does Cardkins share personal data?
- Access by Cardkins staff: We allow access to personal data only to those of our employees, consultants or service providers who have a need to access the information for a lawful purpose. We train our employees on how to appropriately handle personal data and require that consultants and service providers do likewise.
- Access by other third parties: We may store your information with or allow access to your information to third parties who provide us with certain services, including website maintenance, database and cloud, customer support, payment processing, telecom service providers or other services. Our contracts with these service providers only allow the use of your information to provide these services and require that they do not disclose it unless required in certain situations, like those described in the following paragraph. We review the security policies and practices of our third-party service providers, as appropriate, as part of our own efforts to maintain the security of your information.
- Law Enforcement, Court Orders and Protection of Our Rights: We may disclose any of your information to government officials as necessary to comply with applicable laws and order, with advance intimation to you to the degree possible. If we receive a request to disclose any such information, we may do so if we believe in our reasonable discretion that such request is lawful, and that disclosure is reasonably necessary to comply. We may also disclose your personal data to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
- Other Disclosures: We may also disclose your information if we believe it is necessary in order to protect our property rights or rights of a third party, to protect the safety of any person or of the public or to prevent any activity that we believe is harmful, illegal or unethical. For example, we may need to use personal data in order to enforce our terms of service with customers and our workplace rules or, to engage in other business or corporate transactions. We will put in place appropriate security measures, such as non-disclosure agreements, whenever possible.
How long do we keep personal data?
- We will not keep your personal data for any purpose longer than necessary to fulfil the original or a compatible purpose. In some instances, we are required to retain certain information by law, for as long as reasonably necessary to meet regulatory or accreditation requirements to resolve disputes, prevent fraud and abuse, or to enforce our terms and conditions. Where this is the case, your personal data will only be processed for the relevant legitimate purpose and not used for marketing.
- Where you are a user, we will keep your personal data for the length of any contractual relationship you have with us and after that for a period of up to 2 years or as required for legal and compliance purposes, whichever is longer
- Where you are a prospective user and you have expressly consented to us contacting you, we will only retain your personal data for this purpose (a) until you unsubscribe from our communications;, (b) while you interact with us and our content; or (c) for 2 years from when you last interacted with us for a point of future reference.
- In the case of any contact you may have with our customer services team, we will retain your details for as long as is necessary to resolve your query and for two weeks after the query is closed.
- We may retain your personal data for a time beyond the specified retention period, to allow for information to be reviewed and any deletion to take place. After it is no longer necessary for us to retain your personal data, we dispose of it securely according to the applicable policy.
Amendments or Updates to this Privacy Statement
Cardkins reserves full rights to amend or update this Privacy Statement unilaterally from time to time as it sees fit or necessary to meet any change in any of the relevant laws or the regulatory environment, or business needs, or to satisfy the needs of stakeholders in the business. Updated versions will be posted to the Cardkins website and date stamped so that you are always aware of when the Privacy Policy was last updated. The whole content of this Privacy Policy will then be construed accordingly in conjunction with such amended or updated versions.
Concerns and Disputes
If you have any concerns about the privacy practices of Cardkins, including an objection to our processing of your personal data, a desire to restrict our processing of your personal data, please contact us at support@cardkins.com, describe your concern, and we will try to resolve the issues. If you are a customer or end-user of a Cardkins customer, we may refer you to that customer to address your concerns. You agree that any dispute with us over privacy will be governed by this Privacy Policy or, for enterprise customers, by the agreement between us and the customer.
Under No Circumstance, including, but not limited to, negligence, shall the Company be liable for any indirect, special, exemplary, or consequential damages that result from the use of its service, or the inability to use, including but not limited to the information, materials on the page, page content, page code, user services or the software. While the Company shall take reasonable precautions against security breaches, no webpage or Internet transmission is completely secure, and as such, the Company shall not be liable for any indirect, special, exemplary, or consequential damages that may result from unauthorized access, hacking, data loss, or other breaches that may occur.
All disputes if any, shall be subject to the exclusive jurisdiction of Courts in Singapore only.