Privacy & Data Protection Policy
Cat and the Fiddle (C&F) respects the privacy of its users as reflected in our Privacy and Data Protection Policy (the 'Policy') detailed below. By accessing this website, you signify that you have read, acknowledged and agreed to be bound by this Policy. Please be informed that C&F may update these policies from time to time, and we encourage you to check for any updates regularly.
1. What does this Policy Cover?
- sets out the principles C&F follows when collecting, using, disclosing, retaining and removing personal data;
- describes other important topics relating to an individual’s privacy; and
- sets out C&F's policies concerning Intellectual Property.
By purchasing goods from C&F, communicating with C&F through email, by telephone, in writing or by using any of C&F’s other services, including the C&F website, or by providing personal data to us, you agree to the collection, use and disclosure of your personal data in the manner described in this policy.
2. Collection, Use and Storage of Personal Data
The type of personal data that C&F may collect from individuals will depend upon the particular transaction and the dealing. Normally the personal data collected by C&F may include an individual’s:
- name, title, address;
- telephone number;
- email address and online passwords;
- records of communications with C&F;
- to market surveys and contests conducted by C&F;
- video footage that identifies individuals (including CCTV footage);
- website usage information.
C&F only collects, uses and discloses personal data with an individual’s consent or deemed consent or as otherwise permitted under applicable laws and regulations.
Personal Data will, generally, only be collected and used for the primary purposes of:
- conducting, improving, maintaining and developing a business relationship.
- processing, servicing or enforcing transactions and sending related communications;
- identification and verification purposes in connection with any of the services or products that may be supplied to individuals;
- responding to individual’s queries;
- administering contests or market surveys conducted by C&F;
- marketing (such as providing individuals with information about our products and promotional notices and offers); and
- improving the C&F’s website.
C&F takes reasonable steps to ensure the individual is aware of:
- the likely use of the information;
- the means of requesting C&F on the provision of personal data that is in the possession of C&F;
- the means of withdrawing any consent in respect of the collection, use or disclosure of the personal data that is in the possession of C&F;
- the identity and contact details of the organisation;
- any law requiring collection of the information; and
- the main consequences of failure to provide the information.
C&F will store your Personal Data associated with the creation of an account on our website as long as you have an account on our website. In the event you wish to terminate your account on the C&F website, please inform our Customer Service team at firstname.lastname@example.org.
3. How C&F will disclose your Personal Data:
C&F discloses personal data:
- for the primary purpose for which it was collected; or
- for purposes that a reasonable person will consider appropriate in the circumstances; or
- where the individual has consented; or
- for direct marketing by C&F where consent has been given but giving individuals the opportunity to opt out of such direct marketing. C&F includes its contact details in any direct marketing; or
- where permitted under applicable law or if required by law.
C&F does not disclose your personal data for any secondary purposes unless your consent has been given or if so permitted or required under applicable laws and regulations.
C&F will not sell or license any personal data that it collects from an individual.
There may be other situations where we may collect and use personal data, which are outside a person’s reasonable expectation. When this occurs, C&F is committed to providing the individual with an explanation for the possible use of the personal data when asking for the individual’s consent.
4. Accuracy and Correction of Personal Data
C&F takes steps to ensure information is accurate and up-to-date by updating its records whenever changes to information come to its attention. C&F disregards information which seems, on a reasonable basis, be inaccurate or out of date by reason of the time which has elapsed since it was collected or by reason of any other information in its possession.
If an individual has submitted personal data to C&F electronically or otherwise, and would like it corrected, then a written request should be sent by email to the Privacy & Data Protection Officer at email@example.com.
C&F will comply with an individual’s request to correct their personal data as soon as practicable. If C&F disagrees with any request to correct an individual’s personal data on reasonable grounds, C&F shall annotate the personal data with the correction that was requested but not made.
5. Non-Disclosure and Withdrawal of Consent
An individual may opt not to have their information disclosed (to the extent C&F is still able to fulfil his/her open order/s) or withdraw his/her consent for the collection, use or disclosure of personal data by giving C&F reasonable notice subsequent to the fulfilment of any open order/s by sending a written request by email to the Privacy & Data Protection Officer at firstname.lastname@example.org. C&F may inform the individual of the likely consequences of the withdrawal of the consent. C&F will cease to collect, use or disclose the personal data upon such withdrawal unless otherwise permitted or required by applicable laws and regulations.
6. Using our Website
As with most websites, when you visit the C&F website or use an application on the C&F website, C&F may record anonymous information such as IP address (where not used to identify a specific individual), time, date, referring URL, pages accessed and documents downloaded, type of browser and operating system.
C&F also uses “cookies”. A cookie is a small file that stays on your computer until, depending on whether it is a sessional or persistent cookie, you turn your computer off or it expires. Cookies may collect and store your personal data. You may adjust your internet browser to disable cookies. If cookies are disabled you may still use the C&F website, but may be limited in the use of some of the features.
C&F may enable you to establish, a username and password associated with an account on the C&F website. If so, you are responsible for any activity that occurs under your account, including any activity that occurs as a result of your failure to keep secure and maintain the confidentiality of your account and password information.
7. Information Security
Your privacy is important to us. We put in place reasonable security arrangements to protect your privacy and personal information, in such manner and to such extent as we deem reasonably appropriate to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. However, there is no such thing as "perfect security" and we do not guarantee in any way, and you should not expect, that your personal information or private communications will always remain private and/or safe from any abuse or misuse by third parties.
Please note that all payments are processed through secure connections via Payment/Express or PayPal and as such no credit/debit card information or PayPal login details is collected or stored by C&F. Secure connections are encrypted using industry standard cryptography.
Your information is stored on Digital Ocean's servers. We use such procedural and technical safeguards as we deem reasonably necessary to protect your privacy and to protect your personal information against loss, theft and unauthorised access, collection, use, disclosure, copying, modification or disposal. Such safeguards include but are not limited to the use of encryption, firewalls and Secure Socket Layer technology. We will also employ the appropriate security techniques to reasonably protect data against loss, theft, and unauthorized access, collection, use, disclosure, copying, modification or disposal by users inside and outside C&F.
C&F protects the personal information it collects in a secure database with online account passwords stored in salted cryptographic hash form, and the database servers are hosted in Digital Ocean’s protected non-public network facing data centre. C&F employees are required, as a condition of their employment, to treat personal information held by C&F as confidential, and to maintain the confidentiality of that personal information.
As "perfect security" does not exist, C&F does not represent or warrant that there will not be, and hereby disclaims any responsiblity or liability directly or indirectly arising out of or in connection with, any loss, theft, or unauthorised access, collection, use, disclosure, copying, modification, disposal or similar actions with regard to any information held or maintained by us.
Any data destroyed is disposed of in a manner that protects the privacy of personal data in an appropriate manner and we do not tamper with customers' browsers or computers without obtaining prior permission.
For more details about C&F’s Information Security Policy and security credentials please visit here.
8. Information Security Officer
C&F is committed to ensuring appropriate data protection and security procedures are practiced and enforced. Esmond Tan, as the outsourced Chief Information Officer (CIO) is responsible for:
- maintaining policies and procedures to protect personal data;
- assessing the impact of proposed changes to our information system;
- training other employees to observe the correct data protection and security procedures; and
- ensuring the information security policy is updated regularly.
For information about policies the CIO has implemented regarding each aspect of information security please visit here.
9. Dealing with Unsolicited Information and Unsolicited Emails
C&F takes all reasonable steps to ensure that all unsolicited information is destroyed immediately.
We will endeavour to prevent unsolicited e-mail from being relayed as we never send unsolicited or spam e-mail. If you receive an unsolicited e-mail with a domain of our website, please inform us at email@example.com immediately so that we can track down the offender and take any actions, legal or as is appropriate, to stop such spam messages
10. Access to Personal Data
If an individual wishes to be provided with information regarding their Personal Data that is in the possession or under the control of C&F or the ways in which such Personal Data has been used or disclosed by C&F in the year preceding such request, then that person needs to send a written request by email to the Privacy & Data Protection Officer at firstname.lastname@example.org. C&F will handle such requests as soon as reasonably possible.
11. Cross Border Disclosure
Any personal data provided to C&F may be transferred to, stored by or disclosed to an overseas recipient. For example, C&F may use a server hosted overseas to store data, which may include your personal data. Your personal data may also be processed by employees or by other third parties operating outside of Singapore, who work for C&F, or by the representatives and employees of C&F’s parent company. C&F will take reasonable steps, in the circumstances, before your personal data is disclosed to an overseas recipient, to ensure that the overseas recipient provide a reasonable standard of protection.
12. Protection of Children’s Personal Data
C&F has no intention of collecting the data of children under the age of 18. Anyone seeking to create an account on the C&F website must therefore be at or above the age of 18 and they are deemed to be so.
13. Sensitive Information
14. Intellectual Property
You acknowledge that all information and content on this website, including but not limited to its ‘look and feel’, trademarks, logos, text, photographs, graphics, videos, text, images and other materials are the property of C&F and protected by copyrights, trademarks, or other proprietary rights as enshrined in the applicable laws.
Except as required by applicable law, no content or any content of this website may be used, reproduced, duplicated, copied, sold, resold, accessed, modified, or otherwise exploited, in whole or in part, for any purpose without our express, prior written consent.
We respect the intellectual property rights of others. If you believe that your materials have been copied in a way that constitutes copyright infringement, please contact us at email@example.com. We reserve the right to remove materials in violation of this policy without prior notice and at our sole discretion.
16. Other Important Information
17. Modifying or Deleting Your Personal Data
You may also request that we delete any personal data that we have collected from/about you. However, we may retain personal information as authorized under applicable law, such as personal information required as necessary to provide our services, protect our business and systems from fraudulent activity, to debug and identify errors that impair existing functionality, as necessary for us, or others, to exercise their free speech or other rights, comply with law enforcement requests pursuant to lawful process, for scientific or historical research, for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. We need certain types of information so that we can provide our services. If you ask us to delete it, you may no longer be able to access or use our services.
Your personal data may be deleted upon request to firstname.lastname@example.org. We undertake to perform the deletion within one month (30 calendar days) and will send you a confirmation once the information has been deleted. Wherever possible, we will aim to complete the request in advance of the deadline.
18. Further Information
Privacy & Data Protection Officer
Cat & the Fiddle
171 Kampong Ampat
KA Foodlink #05-04
Updated 5 October 2021