1. What Constitutes Personal Information?

In this policy, "personal information" refers to any data, information, or a combination thereof, which is provided by you, to us, or through your interactions with our products, services, or website, and which pertains to an identifiable individual.

2. What Information Do We Collect?

We only gather personal information that you willingly provide when you express interest in learning about us or our offerings, use features on our website, or communicate with us.

The nature of information we collect depends on your interactions with us:

• Name and Contact Data: We collect your name and email address when you register or sign up for our products or services.

• Support Data: Information provided through support channels, such as when you report issues or interact with our support team, including contact details, documentation, or screenshots.

• Preference Data: Communication, marketing, and other preferences you configure when setting up your account or profile, or when participating in surveys or questionnaires.

We also automatically collect certain information during your website visits or while using our services, including:

• Technical Data: Details about your device or connection, such as browser type, time zone, browser versions, operating system, and technology used to access our products or services. We gather this information through cookies and other data collection technologies (for more details, refer to Section 8, "Do We Use Cookies?").

• Usage Data: Information about your interaction with or visits to our website, such as your journey through our site, pages viewed, page response times, visit duration on specific pages, and page interaction details (e.g., scrolling, clicks, mouse-overs).

Additionally, we may receive information from third-party sources, including:

• Our business partners and service providers located worldwide, offering technical, payment, and analytics services. We've categorized them below for your convenience:

  • Functionality and Infrastructure Optimization: Amazon Web Services, Github

  • Invoice and Billing: Stripe

  • Web and Mobile Analytics: Google Analytics, Hotjar

  • Marketing Analytics: Facebook Pixel

  • Email Marketing: MailChimp

  • Service Management: Freshdesk

We do not collect sensitive or special category data, such as information about race, ethnic origin, political beliefs, religious or philosophical affiliations, trade union memberships, genetics, biometrics, health, or sexual orientation.

3. How Do We Use Your Information?

We employ your personal information solely for the following purposes:

• Fulfillment of Services: To perform the contract we've established or are in the process of establishing with you, which includes operating our products and services, providing customer support and personalized features, and ensuring the safety and security of our website.

• Business Enhancement: To improve our products and services, engaging in research and development, customer analysis, and segmentation, always with a commitment to avoiding adverse effects on individuals and ensuring compliance with legal obligations.

• Protection of Legal Rights and Interests: To use the information as required by law or to the extent we reasonably believe necessary to protect our legal interests, adhering to legal or regulatory obligations.

• Marketing and Promotional Communications: To send you direct marketing materials or promotional communications. We may publish your information as part of our testimonials or customer stories to promote our products or services, with your explicit permission.

• Targeted Advertising: We may employ your information to develop and display tailored content and advertising (working with third parties as necessary) based on your interests and/or location, as well as to measure the effectiveness of such content and advertising.

4. Will Your Information Be Shared?

Sharing within our group: We share information with other entities within our corporate group for website operation and to enhance our products and services. We will not share your personal information with external companies for marketing purposes without your express, specific consent.

Sharing with third parties: We share information with third parties to support, operate, improve, and market our products and services. These third-party service providers include those offering website and application development, data storage, infrastructure, billing, payment processing, customer support, business analytics, and other services. Third-party service providers access your personal information solely for service provision and compliance with applicable laws and regulations. We verify that these providers maintain confidentiality and implement reasonable security measures to safeguard your personal information's confidentiality, integrity, and availability. In cases where a third-party provider cannot meet our requirements, we require immediate notification and take measures to halt non-compliant processing. If a provider fails to comply, we terminate our services and demand evidence of data destruction.

We may share personal information on an aggregated or de-identified basis with third parties for research, analysis, profiling, and similar purposes to enhance our products and services.

Your use of third-party software: If you use third-party software in connection with our products or services (e.g., integrated with our website), you may grant the third-party software provider access to your account and information. We do not control third-party software providers' policies and procedures, and this policy does not cover how your information is collected or used by them. We encourage you to review the privacy policies of third-party software providers before using their services.

Links to external websites: Our website may contain links to third-party websites beyond our control. If you navigate to these websites or provide them with information, your data will be governed by their policies. We advise you to review third-party privacy policies before sharing information with them.

Sharing for legal obligations: We may share your information with government and law enforcement authorities to comply with applicable laws or regulations, including responding to claims, legal processes, law enforcement requests, or national security mandates.

Business transfers: If we undergo acquisition by a third party due to a merger, acquisition, or business transfer, your personal information may be disclosed or transferred to a third party in connection with such a transaction. We will inform you of such an occurrence and provide choices related to your information.

5. How Do We Store and Secure Information?

We utilize data hosting and cloud service providers, whose data centers may not be located in Singapore. We ensure that the service providers we engage take reasonable steps to safeguard the personal data they hold to Singapore's Privacy and Data Protection Commission's (PDPC) acceptable standards.

To protect your personal information's security and integrity, we have implemented the following measures:

• Data Encryption: Information is encrypted using TLS/SSL technology.

• Access Control: Access to your personal information is restricted to personnel or service providers on a strict need-to-know basis, processing your information only per our instructions and subject to a confidentiality duty.

• Regular Review: Our data collection, storage, and processing practices are periodically audited.

• Data Breach Response: Procedures are in place to address suspected privacy or data protection breaches. We will notify you and relevant regulators when legally required to do so.

While we employ safeguards for your information, please note that no internet data transmission is entirely secure. Consequently, we cannot guarantee the absolute safety and security of your information during transmission over the internet, while stored in our systems, or during processing.

We retain personal information only as long as necessary to fulfill our collection purposes, including legal, accounting, or reporting requirements. Your information is securely stored and used for internal purposes only. Upon your request, we will delete your information, or if deletion is unfeasible, we will anonymize it to prevent your identification. Our data retention policy is reviewed periodically for basis and appropriateness.

6. What Are Your Rights?

You possess the following rights:

• Right to Information: You have the right to be informed about our processing of your personal information.

• Right to Access: You may request a copy of the personal information we hold about you.

• Right to Rectification: You can request correction of inaccuracies or errors in your personal information we hold.

• Right to Erasure: Subject to certain legal exceptions, you can request deletion of your personal information. However, we may not always comply due to record keeping, transactional, or legal obligations.

• Right to Object or Restrict Processing: You may object to or restrict our processing of your personal information, including for marketing purposes.

• Right to Data Portability: You can request some of your personal information in a structured, commonly used, and machine-readable format and ask us to transfer this information to another party.

• Right to Withdraw Consent: You can withdraw your consent, but this does not affect processing done before consent withdrawal. Your withdrawal may affect the services you receive.

We may need specific information from you to confirm your identity when handling privacy requests or when you exercise your rights. We strive to respond to your request promptly. Should we be unable to do so within thirty (30) calendar days after receiving your request, we will notify you in writing of the time frame for response. Please note that certain conditions, as prescribed by applicable law, may exempt us from complying with your requests. In such cases, we will inform you of the basis for refusal.

Please be aware that withdrawing consent does not affect our right to collect, use, and disclose personal data when such collection, use, and disclosure without consent is permitted or required under applicable laws.

7. Do We Collect Information from Individuals Under the Age of 16?

Our products and services are not intended for individuals under the age of 16. We do not knowingly collect personal information from individuals under 16. If we become aware of mistakenly or unintentionally collecting information from an individual under 16, we will take steps to delete such information. If you believe that we have collected information from someone under 16, please contact us.

8. Do We Use Cookies?

Cookies are small text files placed on your device by a web server when you access our website. We employ cookies to identify your access, monitor usage, and assess web traffic to customize and enhance our products and services.

We use both persistent and session cookies. Persistent cookies remain in your browser, read by us upon your return to our website or partner sites using our services. Session cookies persist only for the duration of the session (typically, your visit to a website or a browser session).

We employ the following types of cookies:

• Strictly Necessary Cookies: Required for our site's operation, allowing you to log in to secure website areas.

• Analytical/Performance Cookies: Recognize and count visitors, track their movement through our site, and improve its functionality.

• Targeting Cookies: Record your website visit, viewed pages, followed links, and enable us to deliver targeted content and advertisements.

Most web browsers accept cookies by default. You can typically configure your browser to delete or refuse cookies. However, this may affect certain website features or services.

9. Changes to This Policy

We may update this policy periodically. The revised policy will be denoted by a "Last updated" date on our website and will be effective upon accessibility. By continuing to use our website following policy changes, you agree to be bound by the updated policy. In the event of significant material changes to this privacy policy, we may notify you by prominently posting a notice on our website or by direct notification. We encourage you to review this privacy policy regularly to stay informed of our data protection practices.

10. How Can You Contact Us About This Policy?

For questions or comments about this policy, you may reach us via email at hello@lapis-story.com or by mail at:

Lapis
284 River Valley Road, Singapore, Singapore 238325, SG

For unresolved concerns, you have the right to file a complaint with a data protection authority in your country of residence or employment, or in the jurisdiction where you believe your rights have been violated. If you are an EU resident, and you believe we have unlawfully processed your personal information, you can file a complaint with your local data protection supervisory authority.