Who we are:
Our website address is: https://www.tookitaki.com
Tookitaki understands that Your privacy is important to You and that You care about how Your information is used and shared online. We respect and value the privacy of everyone who visits Our Site and will only collect and use information in ways that are useful to You and in a manner consistent with Your rights and Our obligations under the law.
1. Definitions and Interpretation
In this Policy the following terms shall have the following meanings:
means an account required to access and/or use certain areas and features of Our Site.
means a small text file placed on Your computer or device by Our Site when You visit certain parts of Our Site and/or when You use certain features of Our Site. Details of the Cookies used by Our Site are set out in Section 12, below.
means this website, https://www.tookitaki.com, its subdomains
where You are established in a member state of the European Union, means (i) prior to 25th May 2018, the Directive 95/46/EC on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such data and (ii) after 25th May, 2018, the EU Regulation 2016/679 (General Data Protection Regulation) and any applicable national laws made under it; where You are established in Switzerland, means the Swiss Federal Act of 19 June 1992 on Data Protection (as may be amended or superseded); and where You are established in any other territory, means data protection laws that are applicable in that territory.
means Tookitaki Holding Pte Ltd, a private limited company, registered in Singapore whose postal address is 1 North Bridge Road #10-05 High Street Centre Singapore 179094,
means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller.
shall mean the EU Regulation 2016/679 (General Data Protection Regulation) and any applicable national laws made under it.
shall mean Your use of the Our Site and any products, channels, software, data feeds and services, including Our Site.
2. Information About Us
2.1 Our Site, https://www.tookitaki.com and its subdomains are owned and operated by Tookitaki Holding Pte Ltd, a company registered in Singapore.
3. Scope – What Does This Policy Cover?
4. What Data Do We Collect?
Depending upon Your use of Our Site, we may collect some or all of the following data, when You sign-up on Our Site:
4.1 Your name;
4.2 Website URL;
4.3 contact information such as email addresses and telephone numbers;
4.4 web browser type and version (automatically collected);
4.5 IP address of signup (automatically collected); and
4.6 operating system (automatically collected).
5. How Do We Use Your Data?
5.1 All personal data is stored securely in compliance with the applicable Privacy Law.
5.2 We use Your data to provide the best possible products and services to You. This includes:
5.2.1 Providing and managing Your Account;
5.2.2 Providing and managing Your access to Our Site;
5.2.3 Personalising and tailoring Your experience on Our Site;
5.2.4 Supplying Our products and Services to You;
5.2.5 Personalising and tailoring Our products and Services for You; and
5.2.6 Sending and responding to communications from You;
5.3 In some cases, the collection of data may be a statutory or contractual requirement, and We will be limited in the products and services We can provide You, without Your consent for Us to be able to use such data.
5.4 With Your permission and/or where permitted by law, We may also use Your data for marketing purposes which may include contacting You by digital communications or web push notification with information, news and offers on Our products. We will not, however, send You any unsolicited marketing or spam and will take all reasonable steps to ensure that We fully protect Your rights and comply with Our obligations under the GDPR and the applicable Privacy Law.
5.5 Under GDPR, We will ensure that Your personal data is processed lawfully, fairly, and transparently, without adversely affecting Your rights. We will only process Your personal data if at least one of the following basis applies:
You have given consent to the processing of Your personal data for one or more specific purposes;
processing is necessary for the performance of a contract to which You are a party or in order to take steps at the request of You prior to entering into a contract;
processing is necessary for compliance with a legal obligation to which We are subject to;
processing is necessary to protect the vital interests of You or of another natural person;
processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
processing is necessary for the purposes of the legitimate interests pursued by Us or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
6. How and Where Do We Store and Secure Your Data?
6.1 We only keep Your data for as long as We need to in order to use it as described above in Section 5, and/or for as long as We have Your permission to keep it. In any event, We will conduct an annual review to ascertain whether We need to keep Your data.
6.2 Some or all of Your data may be stored or transferred outside of the European Economic Area (“the EEA”) (The EEA consists of all EU member states, plus Norway, Iceland and Liechtenstein).
6.3 You are deemed to accept and agree to this by using Our Site and submitting information to Us. If We do store or transfer data outside the EEA, We will take all reasonable steps to ensure that Your data is treated as safely and securely as it would be within the EEA and under the GDPR. Such steps may include, but not be limited to, the use of legally binding contractual terms between Us and any third-parties.
6.4 Data security is of great importance to Us, and to protect Your data. We use appropriate technical and organizational measures to protect the Personal Data that We collect and process. The measures We use, are designed to provide a level of security appropriate to the risk of processing Your Personal Data. However, internet is an open system, the transmission of information via the internet is not completely secure. Although we implement reasonable measures to protect your information, we cannot guarantee the security of your data transmitted to us using the internet. Any such transmission is at your own risk and you are responsible for ensuring that any Personal Information that you send to us are sent securely.
7. Do We Share Your Data?
7.1 We may contract with third parties to supply products and services to You on Our behalf. These may include payment processing, delivery of goods, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of Your data. Where any of Your data is required for such a purpose, We will take all reasonable steps to ensure that Your data will be handled safely, securely, and in accordance with Your rights, Our obligations, and the obligations of the third party under the law.
We currently contract with the below sub-processors:
7.2 In certain circumstances We may be legally required to share certain data held by Us, which may include Your personal information, for example, where We are involved in legal proceedings, where We are complying with the requirements of legislation, a court order, or a governmental authority. We do not require any further consent from You in order to share Your data in such circumstances and will comply as required with any legally binding request that is made of Us.
8. What Happens If Our Business Changes Hands?
8.2 In the event that any of Your data is to be transferred in such a manner, You will be contacted in advance and informed of the changes.
9. How Can You Control Your Data?
9.1 When You submit information via Our Site, You may be given options to restrict Our use of Your data. We aim to give You controls on Our use of Your data including the ability to opt-out of receiving emails from Us which You may do by unsubscribing using the links provided in Our emails and by managing it through Your preferences in Your account. Further, if You are a web push subscriber at any of Our customers (or controller websites), We offer instructions and widgets which Our customers can offer to unsubscribe You, and where You can control the level of use of Your data.
10. Your Right to Withhold Information and Your Right to Withdraw Information After You Have Given it
10.1 You may access marketing portions of Our Site without providing any data at all. However, to use all features and functions available on Our Site, and open and account with Us, You may be required to submit or allow for the collection of certain data.
You may withdraw Your consent for Us to use Your personal data as set out in Section in 5 at any time by contacting Us using the details set out in Section 18, and We will delete Your data from our systems, and/or share steps on how to unsubscribe. However, you acknowledge this may limit Our ability to provide the best possible products and services to You.
11. How Can You Access Your Data?
11.1 You have the legal right to ask for a copy of any of your personal data held by Us (where such data is held). Please contact Us for more details at firstname.lastname@example.org, or using the contact details below in Section 14.
13. EEA specific rights – Summary of Your Rights under GDPR
13.1 Under the GDPR, you have:
13.1.1 the right to request access to, deletion of or correction of, Your personal data held by Us;
13.1.2 the right to complain to a supervisory authority in event of breach of any of Our obligations towards the Personal Data under the applicable Privacy Law;
13.1.3 be informed of what data processing is taking place;
13.1.4 the right to restrict processing;
13.1.5 the right to data portability;
13.1.6 object to processing of Your personal data;
13.1.7 rights with respect to automated decision-making and profiling (see Section 14 below).
13.3 If You seek access to, or wish to correct, update, modify or delete Personal Data (hereinafter referred to as a “Request”) which forms a part of Collected Data, please contact us at email@example.com. We respond to all requests We receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
13.4 If You seek access to, or wish to correct, update, modify or delete Personal Data (hereinafter referred to as a “Request”) which is part of the Data and processed by us on behalf of our customer, You should direct Your query to our customer, that is, the controller or website owners who use our product. If You are a customer of our service(s) and wish to raise a Request on behalf of Your users and/or end-users in connection with service data, You may raise a ticket.
14. Automated Decision-Making and Profiling
14.1 In the event that We use personal data for the purposes of automated decision-making and those decisions have a legal (or similarly significant effect) on You, have the right to challenge to such decisions under GDPR, requesting human intervention, expressing their own point of view, and obtaining an explanation of the decision from Us.
14.2 The right described in Section 14.1 does not apply in the following circumstances:
- The decision is necessary for the entry into, or performance of, a contract between the You and Us;
- The decision is authorised by law; or
- You have given your direct consent.
14.3 We currently make the following automated decisions, based on how the controller has configured Our product for You:
14.3.1 Show You targeted web push notifications, based on the product You browsed, or Your interests and preferences.
15. What is our legal basis for processing Personal Data (EEA visitors only)?
15.1 If You are a visitor from the European Economic Area, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which We collect it;;
15.2 However, We will normally collect Personal Data from You only where We need the Personal Data to perform a contract with You, or where the processing is in our legitimate interests or rely upon Your consent where We are legally required to do so and not overridden by Your data protection interests or fundamental rights and freedoms. In some cases, We may also have a legal obligation to collect Personal Data from You or may otherwise need the Personal Data to protect Your vital interests or those of another person;
15.3 If We ask You to provide Personal Data to comply with a legal requirement or to perform a contract with You, We will make this clear at the relevant time and advise You whether the provision of Your Personal Data is mandatory or not (as well as of the possible consequences if You do not provide Your Personal Data);
15.4 Similarly, if We collect and use Your Personal Data in reliance on our legitimate interests (or those of any third party), We will make clear to You at the relevant time what those legitimate interests are; and
15.5 If You have questions about or need further information concerning the legal basis on which We collect and use Your Personal Data, please contact us using the contact details provided below (as under Section 18).
16. Children’s Personal Data
16.1 Tookitaki services are not intended for use by children. Tookitaki does not knowingly collect any Personal Data from children under the age of 16. If You are under the age of 16, please do not submit any Personal Data through Our Site or Service(s). We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this notice by instructing their children never to provide Personal Data through Our Service(s) or Our Sites without their permission. If You have reason to believe that a child under the age of 16 has provided Personal Data to us through Our Site or Service(s), please contact Us and We will delete that information and terminate the child’s account from Our databases and If it is discovered that we have collected Personal Data from someone under the age of 16, we will delete that information immediately.
17. Contacting Us
17.2 If You have any support requests, please contact us at firstname.lastname@example.org
Updated Date: [11.26.19]