Magellan X Pte. Ltd. and its subsidiary Chord X Pte. Ltd. respect your privacy and we are committed to safeguard the personal data of users of our products (“User”) and personal data belonging to customers who have engaged us to provide products and services (“Customer”).
Information we may collect about you
MGX Entity will collect your Personal Data in the following situations:
- User Credentials Customer will provide to us user credentials, including but not limited to information such as your name and email, to create unique identification for the User on the Product.
- User Contacts User work contact through electronical means will be provided by the Customer for communication of product features, product updates and workflows.
- Usage Data includes information about how you use our product.
- User Feedback we may ask you for feedback from time to time, that we use to help us to improve our service; and
- We may also collect, use and share aggregated data such as statistical or demographic data for any purpose.
How We Use Your Personal Data
- The Product consists of various functions and features which will collect, process and store all or some of the User’s personal data for the following purposes:
- Where you contact our customer support, your name and contact details such as email address or phone number will be stored in order to provide support to you based on your request;
- To communicate any product announcement, software updates, changes to the Product and its features, changes to our services and changes to the terms and conditions of our products and services;
- To verify the identity of user through the personal information;
- To personalize user experience – User information, user activity and usage data helps us to better understand and respond to user individual needs;
- To analyse your personal data in order to better understand User and Customer requirements for research and development purposes to improve our products and services;
- To monitor queries and transactions to ensure service quality, compliance with procedures and to prevent fraud.
- We continually strive to improve our services based on the information and feedback we receive from Users. Feedback may include responses submitted by Users on the accuracy of alerts generated by the Software. We may ask Users for feedback from time to time, that we use to help improve our service; and MGX Entity will (i) use, analyse and process collected data about user, (ii) aggregate user data with other user data, for the purpose of improving the Software, creating new features, conducting research and developing new products and services, including reports based on analytics associated with the Software, provided always that your data has been anonymized and de-identified such that the data or aggregated data will not enable other users to identify each unique user.
- The Software does not make any decisions involving the use of algorithms or profiling that affects you.
Sharing Your Personal Data
- We may disclose personal data for the purposes we explain in this notice to service providers, contractors, agents, advisors (e.g. legal, financial, business or other advisors) that perform activities on our behalf and to other third parties in connection with our legal and regulatory obligations.
- We may process your personal data to comply with our regulatory requirements or dialogue with regulators as applicable which may include disclosing your personal data to third parties, the court service and/or regulators or law enforcement agencies in connection with enquiries, proceedings or investigations by such parties anywhere in the world or where compelled to do so. Where permitted, we will generally direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.
- In the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organisation, we may need to transfer some or all of your personal data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analysing any proposed sale or re-organisation. We may also need to transfer your personal data to that re-organised entity or third party after the sale or reorganisation for them to use for the same purposes as set out in this policy.
Transmission, Storage and Security of Your Personal Data
- No data transmission over the Internet or Satellite Link can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal data in accordance with data protection legislative requirements.
- All information is stored on our or our service provider’s secure servers and can only be accessed and used subject to our security policies and standards.
- Any personal data provided to and collected by the Software may be transferred to, stored by or disclosed to an overseas recipient. Personal data may be accessed by service providers in, transferred to, or stored at, a destination outside the country in which you are located. We will, in all circumstances, ensure that the standard of protection to personal data so transferred is comparable to the protection required under the Personal Data Protection Act of Singapore (“PDPA”).
- Personal data will be stored on a server hosted by Microsoft Azure, a Privacy Shield certified global cloud service provide
Retention of Personal Information
Our retention periods for personal data are based on business needs and legal requirements. We retain personal data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of such data. When personal data is no longer needed, we either irreversibly anonymise the data (and we may further retain and use the anonymised information) or securely destroy the data.
Your Rights and Contacting us
Access, Updating, Editing and Deleting Data
- We will use reasonable endeavours to ensure that your personal data is accurate. In order to assist us with this, you may notify us of any changes to the personal data that you have provided to us by contacting us as set out in the “Contacting Us” section below.
- You may request for access or a copy of your User Data and may request that we correct the data if it is inaccurate or delete the data.
If you have any questions in relation to this policy, please contact our data protection officer(s) at firstname.lastname@example.org.
- Our Commitment to User Privacy To ensure integrity and security of user personal information, our privacy and security guidelines are communicated to all employees and strictly enforced within the company.
- European Appendix If you are based in the European Economic Area (EEA), the European data protection law (EU DP Law) require us to provide you with additional information about our processing activities, including information about rights that you have in relation to your personal information that we handle.
EU Use Bases Table
|Purpose for which we collect and use personal information|
To communicate effectively with you and conduct our business
|2.1(a), 2.1(b) and 2.2||
|For research and development purposes||2.1(e) and 2.2||
|To monitor certain activities||2.1(f)||
|To inform you of changes||2.1(b)||
|To re-organise or make changes to our business||2.1(b), 3.3||
In connection with legal or regulatory obligation
|2.1(f), 3.1 and 3.2||
These are the principal legal grounds that justify our use of your information:
|Contract performance: where your information is necessary to enter into or perform our contract with you.|
|Legal obligation: where we need to use your information to comply with our legal obligations.|
|Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.|
|Legal claims: where your information is necessary for us to defend, prosecute or make a claim against you, us or a third party.|
Export outside the EEA
- Where we transfer personal data from inside the European Economic Area (the EEA) to outside the EEA, we may be required to take specific additional measures to safeguard the relevant personal data. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal data to these jurisdictions. In countries which have not had these approvals (see the full list here https://commission.europa.eu/index_en), we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements.
Your additional rights
- provide you with further details on the use we make of your information;
- provide you with a copy of information that you have provided to us;
- delete any personal data that we no longer have a lawful ground to use;
- where processing is based on consent, to withdraw your consent so that we stop that particular processing;
- to ask us to transmit the personal data you have provided to us and we still hold about you to a third party electronically;
- object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
- restrict how we use your information whilst a complaint is being investigated.
- Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). If you exercise any of these rights, we will check your entitlement and respond in most cases within a month.
- If you are not satisfied with our use of your personal information or our response to any exercise of these rights you have the right to complain to the Information Commissioner’s Office or the data protection regulator in your country.
If after contacting us you do not feel that we have adequately addressed your concerns, you may contact the data protection regulator in your country (listed here: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080).
Last Updated: 4 January 2023