This API Exchange (“APEX”) Privacy Statement (the “Privacy Statement”) must be read in conjunction with the APEX Terms of Use (the “Terms”) that Organisations and their Authorised Representatives must agree to be legally bound by in order to Use:
APEX;
the APEX Digital Services, which include but are not limited to, the APEX website (accessible at https://api.apex.gov.sg or such other website as may be specified by us from time to time; the “Website”) and the APEX Mobile application (the “Application”) (collectively, the “APEX Digital Services”);
the services provided through the APEX Digital Services; and
any Content made available and accessible therein (collectively, the “Services”).
In this Privacy Statement, “Public Agencies” mean the Government of Singapore and statutory bodies and “you” means the individual or Organisation, as the case may be, Using the Services. Unless otherwise stated, all other capitalized terms contained in this Privacy Statement shall have the meaning given to it in the Terms.
1. Purpose
The Services are provided to you by the Government Technology Agency (“we”, “us” or “our”). The purpose of this Privacy Statement is to provide information of how we handle, collect, use, disclose and deal with any data, including personal data relating to you, or that may relate to a third party individual, that is provided to or collected by us (collectively, “Data”). Please read this Privacy Statement carefully.
2. Types of Data that we collect
If you are an Organisation
We may request certain types of Data from you and/or your Authorised Representatives in connection with the Use of the Services by you and/or your Authorised Representatives. Examples include:
Information relating to your Account(s).
Corporate information relating to you, including UEN, business registration details, contact information, and registered office address.
Information relating to your Authorised Representatives and their Devices (see Clause 3).
Information relating to your Relevant Employees.
Information about you, your Authorised Representatives and/or your Relevant Employees from data source(s) approved by us.
Other information provided or collected in connection with your Use of the Services.
If you are an Individual, Authorised Representative or Relevant Employee
We may request certain types of Data from you and/or the Organisation you represent (“Your Organisation”) to enable you to Use the Services. Examples include:
Personal information, including NRIC numbers, contact details, mobile phone numbers, email and mailing addresses.
Information relating to your Singpass account.
IP addresses, device fingerprint records (e.g. model type, operating system, state of Device), and metadata generated through Use of the Services.
Information on the version of the APEX Digital Services, your usage (features clicked, permissions granted, push notifications, location services, connectivity, etc.).
Information about you from data source(s) approved by us.
Other information provided or collected in connection with your Use of the Services.
3. General Collection of Data by us
We may also automatically collect information relating to your activities in respect of the Services, including through:
Analytics Tags – to analyse effectiveness of features, user preferences, and improve user experience.
Cookies – to store and track information (e.g. frequency of use, profile of users). Cookies do not read your hard disk. Not all cookies collect personal data. Rejecting cookies may limit Services functionality.
Server Logs – recording activity such as page requests, errors, access attempts, IP address and cookie settings, for administrative, security and troubleshooting purposes.
Device Information – model, type, operating system, and other technical attributes.
Notes:
If you are only browsing the Website, we do not capture data that identifies you individually.
By continuing to Use the Services, you agree to the use of such technologies. We have no control over third-party technologies (e.g. third-party cookies).
We may allow third-party companies to deliver advertising, promotional and marketing material about APEX, and to compile anonymous site analytics. These may use cookies/technologies to track interactions with APEX. For example, Google’s “remarketing” service may target advertising when you visit other sites in Google’s network. Such third parties will not collect APEX login data.
Data will only be collected and used in accordance with this Privacy Statement and the third parties’ privacy policies (e.g. www.google.com/privacy.html, www.facebook.com/about/privacy).
You may opt out of third-party ad targeting via: http://www.aboutads.info/choices.
4. Why we collect Data
Data may be used, disclosed and processed for the following Purposes:
To assist, process and facilitate your Use of the Services (registration, login, features).
To administer and process transactions or activities conducted under your Account(s).
To carry out instructions, respond to queries, feedback or complaints.
To monitor and track usage of Services, and produce anonymised reports/statistics.
To conduct research, data analytics, surveys, market studies to improve Services.
To carry out verification checks, due diligence or other screening activities.
For storing or creating backups of Data (contingency/business continuity).
To prevent or investigate fraud, unlawful activity or misconduct.
To deal with conflicts of interest or complaints related to Accounts.
To contact or communicate with you on matters relating to Use of Services (via email, push notifications, etc.).
For any other lawful purposes as may be notified by us.
Additional Notes:
We may collect, use, disclose or process Data for other purposes if permitted under law.
If you provide Data, we may:
Share necessary Data with Public Agencies and third-party providers for efficient service provision.
Not share personal data with non-Public Agencies, unless necessary to assist in providing Services.
Display previously supplied Data for convenience. You must update outdated Data without delay.
5. Data from Third Party Sources
We may collect Data from sources other than yourself for the above Purposes. Such Data may be combined with Data you provided to us.
6. Data of Third Party Individuals
During Use of Services, you may provide us with Data relating to others.
Your obligations before disclosure:
(i) Notify the individuals that their data will be provided to us and the Purposes of collection.
(ii) Obtain their consent to disclose to us and allow us to process their data.
Your representations and warranties:
(i) Data provided is complete, accurate, true and correct.
(ii) You have valid authority and consent from these individuals to provide their data.
7. How we handle and manage your Data
7.1. Your Data may be stored in servers, systems or devices (inside or outside Singapore) owned, operated or managed by us, and/or third party service providers or collaborators.
7.2. We will take reasonable measures to safeguard personal data from loss, misuse, unauthorised access/disclosure, alteration or destruction (e.g. secure electronic storage and transmission).
7.3. You may withdraw consent to the use/disclosure of personal data, subject to legal or contractual restrictions. Withdrawal may prevent proper functioning of the Services and may result in cessation of Services. We may continue to use/retain data where permitted under law.
8. General Information
8.1. Services may contain links to products/services/websites not provided by Public Agencies. Their privacy practices may differ. Public Agencies are not responsible for such content/practices.
8.2. Public Agencies are not responsible for loss of Data caused by events/actions beyond their control, or by actions/omissions of users or third parties.
8.3. We reserve the right to change, modify or supplement this Privacy Statement at our discretion and at any time, by posting updates on the Application, Website, or other appropriate means. Continued Use of Services after posting constitutes acceptance. If you do not agree, please discontinue Use.