Effective Date: August 2022


Privacy Policy


This Privacy Policy (“Policy”) sets out the basis on how “Berru” or “Node Asia Services Pte Ltd” (collectively referred to herein as “we”, “us”, “our”) collect, use and disclose your personal data and your rights in relation to the personal data which we hold.

We recognize our responsibilities in relation to the collection, holding, managing, processing, use, disclosure and/or transfer of personal data under the Personal Data Protection Act 2012 (the “PDPA”), and any other applicable legislation, rules, regulations, guidelines on the protection of personal data.

Personal data collected by us will only be used for lawful purpose and we shall take reasonable steps to ensure that personal data held by us is accurate, up-to-date and complete. We shall implement all practicable and reasonable steps to protect any personal data that we hold against misuse, interference, unauthorized and accidental access, modification, disclosure, processing, erasure, loss or use.

In the event if we engaged another party to process any personal data held by us, we shall adopt contractual means to ensure that such party complies with all applicable data protection laws and this Policy. We shall only use personal data for the purposes for which your personal data was originally collected and as further detailed herein. Such party that obtains / receives personal data from us shall be subjected to its own separate and primary privacy obligations under Singapore Law.

By providing your personal data to us, you acknowledge and agree that you have fully read and understood this policy, and consent to the collection, use, processing and disclosure of your personal data as described in this policy.

Berru may update this Policy from time to time and hence we advise you to periodically review this Policy to be informed of how Berru is protecting your privacy. If any, we will assess any eligible data breaches that have occurred affecting the personal data in our possession or under our control, and, if and as required under applicable law, notify all eligible data breaches to the Personal Data Protection Commission (“PDPC”), as well as affected individuals, of the occurrence of such data breaches.

Personal Data Collection


Personal data that we collect and use may include but not limited to your name, contact details, address and any other information that may be relevant in order for us to provide our contractual obligations and to share information that may be of interest and/or useful to you.

Your personal data may be collected by us, directly or indirectly, in a number of ways, for example:

  • From information provided to us when you meet us.
  • From information provided to us by your company, agents, advisers and/or intermediaries.
  • From our conversations and communication via phone, fax, email or any other forms of electronic communication.
  • From publicly available sources or from third parties, most commonly where we need to conduct background checks.
  • From your responses to our promotions and/or subscription to our mailing lists.
  • From completion of client on-boarding forms or applications or other forms.
  • From your application for a position with us or when you provide documents or information including your resume.
  • From submission of your personal data to us for any other reason.

Categories of personal data we may collect:

  • Your name and contact information such as your home or business address, email address and telephone number;
  • Biographical information which may confirm your identity including your date of birth, identification number and your passport number or national identity card details, country of domicile and/ or your nationality;
  • Information relating to your financial situations such as sources of wealth as well as bank account details;
  • An understanding of your goals and objective in procuring our services;
  • Information about your employment, education, family or personal circumstances, and interests, where relevant;
  • Information to assess whether you may represent a politically exposed person or money laundering risk; and
  • Any other personal data you may decide to share with us for any other reason.

Purposes for Which We Collect, Use and/or Disclose Your Personal Data


We collect, use and/or disclose personal data for the following purposes:

  • Performance of a Contract
    • To provide clients with Berru’s services;
    • To respond to queries and requests
    • To deal with any complaints or feedback you may have; or
    • For any other purpose for which you provide us with your personal data.
  • Legitimate Interest
    • Marketing purposes: To inform clients of new products and/or services;
    • Communication purposes: To update clients on any new changes to rules and regulations, new technical updates, etc.;
    • Training for our staff and/or monitoring of their performance;
    • Administration & Management of our business, including recovery of outstanding balances, and archiving or statistical analysis.
    • Seeking advice on our rights and obligation, such as where we require our own legal advices; and
    • Defending a claim against us or prosecuting or making a claim against you or a third party.
  • Legal Obligations
    • To meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws; or
    • As required by tax authorities or any competent court or legal authority.

In these aspects, we may share your personal data with, or transfer it to the following parties:

  • Your agents, advisers and/or intermediaries whom you have authorized us to release relevant information;
  • Third parties whom we engage to assist in delivering the services to you
  • Our professional advisers where it is necessary for us to obtain their advice or assistance, including lawyers, accountants, tax advisers, IT or public relations advisors;
  • Other third parties such as intermediaries who we introduce to you. We will wherever possible tell you who they are before we introduce you; and
  • Our data storage providers and any other software providers that we require to perform our
  • Our auditors where is it necessary as part of their auditing functions
  • Third parties who assist us in conducting background checks
  • Relevant regulators or law enforcement agencies where we are required to do so.

Marketing


From time to time, we may send you marketing communications about additional services we provide which may be relevant to you, as well as other information in the form of alerts, newsletters and invitations to events or functions which we believe might be of interest to you. We may communicate this to you in a number of ways including by post telephone, email, SMS or other digital channels. If you receive marketing communications from us but do not wish to receive them in the future, you may opt out of receiving them at any time, free of charge.

Withdrawal of Consent


If you have given your consent and you wish to withdraw it at any time, please unsubscribe and opt out or contact us and our Data Protection Officer (see below for details).

Transfer of Personal Data Outside of Singapore


We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

Cookies


Our website uses cookies to improve your experience on our website. We use cookies to personalize content and ads, to provide social media feature and to analyze our traffic. Cookies are small text files that can be used by websites to make a user’s experience more efficient. You can set your browser not to accept cookies, however in a few cases, some of our website feature may not function if you remove cookies from your browser. As an alternative, you can always reach us through our customer services.

Protection of Personal Data


To safeguard your personal data from unauthorize access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical, encryption and the use of privacy filters to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorized third part service providers and agents only on a need-to-know basis.

You should be aware, however that no method of transmission over the internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information security measures.

Accuracy of Personal Data


We generally rely on personal data provided by you (or your authorized representative). In order to ensure that your personal data is accurate, current and complete, please update us if there are any changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.

Retention of Personal Data


Berru will retain your personal data throughout our business relationship and for the periods deemed necessarily for relevant business or legal purpose. Should your account or relationship with us has been cancelled, terminated or otherwise expired at any point of time, we shall cease processing your personal data as soon as reasonably practicable following such cancellation or termination, provided that we may keep copies of your data is reasonably required for archival purposes, for use in relation to any actual or potential despite, for the purpose of compliance with applicable laws and regulations or for the purpose of enforcing any agreement we have with you, for protecting our rights, property or safety of our business and our employees, and for performing or discharging any functions, obligations and responsibilities which we may have.

Storage and Third Parties


Berru may store your personal data for processing in our local server or use third parties cloud vendors and data processors where we have contractual security measures and reassurance of appropriate security measures in place for as long as it is necessary or required in order to fulfill legal, contractual or statutory obligations or for the establishment, exercise, defend of legal claims, and in general where we have a legitimate interest for doing so. In particular:

  • Where we have collected your personal data as required by anti-money laundering legislation, including for identification, screening and reporting, we will retain that personal data for at least seven (7) years after termination of our relationship, unless we are required to retain this information by another law, regulation or for the purpose of court proceedings; or
  • Otherwise, we will in most cases, retain your personal data for a period of seven (7) years after the termination of our contractual or other relationship with you in case any claims arises out of the provision of our services to you.

Changes to Policy


Berru retains the rights to review and update this Policy regularly. Any changes made to this Policy will be posted on www.berru.co, and notices will be placed on other pages of the websites, so that you will be well-informed of the change. This Policy was last updated August 2022.

Data Protection Officer


You may reach out to our Data Protection Officer at admin@berru.co if you have any enquiries or feedback on our personal data protection policies and procedures.