top of page

Privacy Policy

This Privacy Notice and its Addendum(s) (“Privacy Notice”) describe how Custos Technologies Pte. Ltd. (“Custos”) its respective subsidiaries, affiliates, associated companies and jointly controlled entities (collectively “Custos”, “we”, “us” or “our”) collect, use, process and disclose your Personal Data through the use of Custos’ mobile applications and websites (respectively “Application(s)” and “Website(s)”), as well as products, features and other services globally, operated by Custos (collectively, “Services”).

This Privacy Notice applies to our consumers, agents, vendors, suppliers, corporate customers and their employees, contractors, merchant partners and service providers (collectively “you”, “your” or “yours”).

Personal Data” is any information which can be used to identify you or from which you are identifiable. This includes but is not limited to your name, nationality, telephone number, bank and credit card details, personal interests, email address, your image, government-issued identification numbers, biometric data, race, date of birth, marital status, religion, health information, vehicle and insurance information, employment information and financial information.

We typically collect, use, disclose or otherwise process your Personal Data in accordance with this Privacy Notice with your consent, or in compliance with applicable laws, such as where:

  • it is required for us to comply with legal requirements;

  • it is required for us to enter into or perform a contract with you; and/or

  • for our legitimate interests or the legitimate interests of any other persons, including but not limited to for the purposes set forth in this Privacy Notice.

 

I. COLLECTION OF PERSONAL DATA

We collect (and may combine) Personal Data about you in the ways listed below:

 

We may collect personal data from our customers, business partners, contractors, employees and other individuals such as job applicants. We would only collect, use and disclose data that (a) has been provided to us voluntarily by you directly or via a third party who has been duly authorized by you to disclose your personal data to us (your “authorized representative”) after (i) you (or your authorized representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorized representative) have provided written consent to the collection and usage of your personal data for those purposes, or (b) collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorized by law).

You provide your Personal Data to us

We collect your Personal Data when you provide it to us. For example, when you:

  • complete a user profile or registration forms (such as your name, contact information and other identification information where needed);

  • provide information to assess your eligibility to claim rewards;

  • interact with our social media pages (such as your social media account ID, profile photo and any other publicly available data);

  • participate in contests or events organized by us (such as the pictures, audio, or videos you may submit, which may include images of yourself);

  • verify your identity through various means (such as social media logins, submission of selfie images or independently verified payment card information);

  • provide us the phone numbers of Custos users and other contacts in your mobile phone address book as may be required. In doing so, you confirm that you are authorized or have the relevant permission to provide us with such numbers to enhance the Service/Platform for your use or such other purpose (such as but limited to for safety or marketing purposes) as we may communicate to you before or at the point of provision;

  • fill up demographic information in surveys (such as your age, gender, and other information you may volunteer such as your marital status, occupation and income information); and

  • provide images, audio and/or video recordings.

 

When our Services are used

Personal Data may be collected through the normal operation or use of our Applications, Websites and Services. Some examples are:

  • your location information;

  • feedback, ratings and compliments;

  • transaction information (such as payment method);

  • information about how you interacted with our Applications, Website or Services (such as features used and content viewed);

  • device information (such as hardware model and serial number, IP addresses), file and app names and versions, GPS location, IMEI number, and advertising identifiers or any information that may indicate device or app modification);

  • telematics data (such as your steps, speed, acceleration and braking data);

  • personal data you enter in messages when you use our in-app communication features; and

  • personal data that may be captured through your interaction with us, our agents, images, audio and/or video recording of sustainable actions performed (such as your image or voice or both, and its related metadata).


 

From other sources

When we collect Personal Data, including but not limited to your name, contact information and other identification information where needed from other sources. Such sources include:

  • referral programmes;

  • our business partners, such as service providers, payment providers, and transport partners;

  • insurance and financial providers;

  • credit bureaus, alternative credit scoring agencies and any other credit reporting organizations;

  • publicly available or governmental sources of data;

  • Social media accounts;

  • when our users add you as a contact;

  • when our users add you as a recipient or beneficiary of any use of our Services;

  • when you use our in-app chat; and

  • marketing services providers or partners.

Sensitive Personal Data

Some of the Personal Data that we collect may be sensitive in nature. This may include Personal Data pertaining to your race, national ID information, religious beliefs, background information (including financial and criminal records, where legally permissible), health data, disability, marital status and biometric data, as applicable. We collect sensitive Personal Data only with your consent and/or in strict compliance with applicable laws. In the event that you are required to furnish any documentation or information to us for any Purpose which may contain such sensitive Personal Data (which is not required for that Purpose), you agree to redact such sensitive Personal Data before providing such documentation or information to us.


 

When you provide Personal Data of other individuals to us

In some situations, you may provide Personal Data of other individuals (such as your spouse, family members or friends) to us. For example, you may add them as recipients or beneficiaries of any use of our Services. If you provide us with their Personal Data, you represent and warrant that you have obtained their consent for their Personal Data to be collected, used and disclosed as set out in this Privacy Notice.

Personal Data of minors

As a parent or legal guardian, please do not allow minors under your care to submit Personal Data to Custos. In the event that such Personal Data of a minor is disclosed to Custos, you hereby consent to the processing of the minor’s Personal Data and accept and agree to be bound by this Notice and take responsibility for his or her actions.  

II. USE OF PERSONAL DATA

Custos may use your Personal Data for the following purposes set out in the list below. (“Purposes”). Additionally, if you use Custos in various capacities (for example, if you use multiple of Custos’ Services, or if you are both a service provider and a consumer of other services), we may link your Personal Data collected across your various capacities to facilitate your use of our Services and for the Purposes described below:  

   

Providing services and features

 

Your Personal Data will be used to provide, personalize, maintain and improve our Applications, Websites and Services. This includes using your Personal Data to:

  • engage you to provide you with Services across our various business verticals;

  • create, administer and update your account;

  • process, manage or verify your eligibility for or application of Services, promotions, rewards and subscriptions with Custos;

  • conduct due diligence checks and risk assessments / analysis;

  • verify your identity and age (where necessary);

  • validate your transactions and process payments;

  • track the progress of your sustainable actions and detect abnormal variations;

  • personalize your Applications experience (such as to recommend products and services relevant to you, identify your preferences or otherwise personalize your experience with Custos);

  • make your experience more seamless, such as automatically filling in your registration information (such as your name or phone number) from one Service to another Service or when you participate in our surveys;

  • perform internal operations necessary to provide our Services, including troubleshooting software bugs and operational problems, conducting data analysis, testing and research, monitoring and analyzing usage and activity trends;

  • protect the security or integrity of the Services and any facilities or equipment used to make the Services available;

  • enable communications between our users;

  • invite you to participate in our surveys and studies; and

  • fulfill the services to you as a data processor, where you have provided consent to the data controller (i.e. the organization you had purchased goods or services from, and for whom Custos is providing services on behalf of) for such services to be rendered. 

 

Safety and security

We use your data to ensure the safety and security of our Services and all users. This includes:

  • screening service providers and business partners before enabling their use of our Services;

  • verifying your identity when you log in to our Platform;

  • using device, location, profile, usage and other Personal Data to prevent, detect and combat fraud or unsafe activities; and

  • monitoring compliance with our terms and conditions and policies.

 

User support

 

We use Personal Data to resolve user support issues. For example, we may:

  • investigate and address concerns;

  • monitor and improve our user support responses;

  • respond to questions, comments and feedback; and

  • inform you about steps taken to resolve user support issues.

 

Research and development and security

We may use the Personal Data we collect for testing, research, analysis and product development. This allows us to understand and analyze your needs and preferences, protect your Personal Data, improve and enhance the safety and security of our Services, develop new features, products and services, and facilitate development of insurance and finance solutions.

Legal purposes

We may use the Personal Data we collect for legal purposes, such as to investigate and resolve claims or disputes, detect/prevent/prosecute crime, or as allowed or required by applicable law.

We may also use your Personal Data when we are required, advised, recommended, expected or requested to do so by our legal advisors or any local or foreign legal, regulatory, governmental or other authority.

For example, we may use your Personal Data to:

  • comply with court orders or other legal, governmental or regulatory requirements;

  • enforce our Terms of Service or other agreements; and

  • protect our rights or property in the event of a claim or dispute.

 

Marketing and promotions

We may use your Personal Data to send you marketing communications relating to customized products or services (that may be of interest or relevance based on your profile), or Custos’ partners’, sponsors’ and advertisers’ products, services, events or promotions. For example, we may:

  • send you special offers that may be of interest or relevance to you across all of Custos’ service offerings;

  • send you alerts, newsletters, updates, mailers, promotional materials, special privileges, festive greetings; and

  • notify, invite and manage your participation in our events or activities.

 

We may communicate such marketing to you by various means, where applicable (including by SMS, chat applications (e.g. WhatsApp, Telegram, LINE, Viber, WeChat, Zalo), push notification, call, and by email).

If you wish to unsubscribe to the receiving of such marketing communications, please click on the unsubscribe link in the relevant email or message. Alternatively, you may contact our data privacy and protection officer at dpo@custoscarbon.com or you may be able to update your preferences in our Applications settings. Please note that while you may opt out of marketing or promotion communications, Custos may still send you service-related messages (such as information on your transactions, rewards, etc.).

 

User Published Content

If you publish content (such as a review or comment) on Custos’ platform, it may be shown publicly along with your personal data (such as profile name, uploaded photo(s)), and other information you choose to include in your content. 

III. DISCLOSURE OF PERSONAL DATA

We may disclose your personal data: 

  • with your consent, where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by you;

  • to comply with any applicable laws, regulations, codes of practice, guidelines or rules (e.g. in an emergency or when we receive a subpoena to disclose your personal data); or

  • with your consent, to third party service providers, agents and other organizations we have engaged to perform any of the functions listed in paragraph 2.3 above for us. Any third parties engaged by us will be contractually bound to keep all personal data confidential.

 

We need to share Personal Data with various parties for the Purposes. These parties include:

 

Other users

For example: 

  • If you are a consumer of services from our network of service providers, we may share your username and contact details with our partners fulfilling your Service request;

  • If you are providing a service to other users on Custos, we may share your Personal Data including your name and photo, phone number,  location and average rating;

  • If you are using any Custos’ Service involving the delivery of any items, we may share your Personal Data with the recipient of your items, and vice versa, as well as the delivery partner in charge of fulfilling your service request; and

  • If you use our in-app chat, we may share your mobile number and Custos-registered name with the other parties to your chat.

 

With third parties

With third parties related to your use of Custos Services

For example:

  • If you are a service provider or engaging in a service, we may share your location, contact information and/or your name with third parties to facilitate the transaction.

  • If you are redeeming a reward, we may disclose your name, address, email, contact number or other personal data to the rewards merchant and/or the delivery provider for the purpose of delivering your reward.

 

With third-parties impacted by Custos activities or transactions that you may make

 

If a request is made by a third party or your employer to us to share your individual activity data made under a personal account with them, we will ask your permission to do so (unless contrary to applicable law). 

If you choose to share your individual activity data made under a personal account with your employer, this process will be driven by you and we are not responsible for the actions of your employer in regard to your personal data. 

If you or your employer register for a corporate account and proceed to perform activities under this account, all trip and booking information will be disclosed to your employer. 

In respect of the processing of our users’ personal data, Custos acts as a data controller. However, Custos is not a data processor for any corporate client but an independent data controller in respect of all the Personal Data that it processes in the course of providing corporate accounting, rewards, and/or billing features. As independent data controllers, Custos and its corporate clients individually determine the purposes and means of processing Personal Data subject to the provisions set out in the Agreement and this Privacy Notice. Custos and its corporate clients are also individually responsible for ensuring the protection of Personal Data under their charge. 

In order to register for any corporate client account or facilitate the use of corporate client account, the individual user or the client may be required to provide the following additional information about you as an individual user or the corporate client to Custos, such as :

  • full name;

  • business email address; and

  • other identifying information about you as an individual user as reasonably requested by Custos.

 

Aside from the general purposes of use detailed above, Custos may additionally use this information for the purposes of:

  • authenticating you as an individual user;

  • where applicable, linking your individual user’s account with the corporate client’s account or tracking your business profile bookings under your individual user account on the Application, as the case may be;

  • where applicable, verifying your corporate billing status from time to time; and

  • contacting you in accordance with the purposes set out in the Privacy Notice .

 

With subsidiaries and affiliates

We share Personal Data with our subsidiaries, associated companies, jointly controlled entities and affiliates. Custos and its affiliated companies may share resources, such as infrastructure and technology, with each other to provide you with a consistent, relevant and secure experience when you use our Services, and for the Purposes set out in this Privacy Notice.

For example, we do this to make your experience more seamless, such as by automatically completing your registration information from your use of one Custos’ Service when you sign up for a new Custos Service provided under another affiliate or subsidiary.

 

With Custos’ service providers and business partners

 

We may provide Personal Data to our vendors, consultants, marketing partners, research firms, and other service providers or business partners. This includes:

  • payment processors and facilitators;

  • debt collectors;      

  • credit bureaus, alternative credit scoring agencies and any other credit reporting organizations;

  • background check and anti-money laundering service providers;

  • cloud storage providers;

  • advertising and marketing partners and platform providers;

  • data analytics providers;

  • research partners, including those performing surveys or research projects in partnership with Custos or on Custos’ behalf;

  • educational and training institute partners;

  • merchant partners;

  • marketplace platform partners;

  • insurance and financing partners;

  • third party intermediaries involved in the managed investment of funds, such as brokers, asset managers, and custodians;

  • service providers who perform identity verification services; and

  • vehicle solutions partners, vendors or third-party vehicle suppliers.

 

For example:

  • If you requested a service through a Custos partner or used a promotion provided by a Custos partner, Custos may share your Personal Data with that Custos partner.

  • If you rent, repair or purchase an item with our affiliate companies or service providers, we may share relevant information (e.g. the status of your account, applicable incentives/promotions, your account statistics) for collaborative efforts (e.g. create new incentives and benefits for you or improving supply of services).

 

With our legal advisors and governmental authorities

 

We may share your Personal Data with our legal advisors, law enforcement officials, government authorities and other third parties. This may take place to fulfill the legal purposes (mentioned above), or any of the following circumstances:

  • where it is necessary to respond to an emergency that threatens the life, health or safety of a person; or

  • where it is necessary in the public interest (e.g. in a public health crisis, for contact tracing purposes and safeguarding our community).

 

Business transfers

 

We may share your Personal Data with other parties, in connection with any acquisitions, sales, mergers, joint ventures, consolidation, restructuring, financing or any other type of business transactions. Your Personal Data will however remain subject to our obligations made in any pre-existing Privacy Notice that you have agreed to.

 

 

IV ACCURACY OF PERSONAL DATA

We will make every reasonable effort to ensure that personal data collected by us or on our behalf is accurate and complete.

 

We generally rely on personal data provided by you (or your authorized representative). In order to ensure that your personal data is current, complete, and accurate, please update us if there are changes to your personal data by informing our Data Protection Officers at the contact details provided in Section XIII (How to contact us) below. 

 

V. RETENTION OF PERSONAL DATA

 

We retain your Personal Data for the period necessary to fulfill the Purposes outlined in this Privacy Notice unless a longer retention period is required or allowed by law. Once your Personal Data is no longer necessary for the Services or Purposes, or we no longer have a legal or business purpose for retaining your Personal Data, we take steps to erase, destroy, anonymise or prevent access or use of such Personal Data for any purpose other than compliance with this Privacy Notice, or for purposes of safety, security, fraud prevention and detection, in accordance with the requirements of applicable laws.


 

VI. INTERNATIONAL TRANSFERS OF PERSONAL DATA

Your Personal Data may be transferred from country, state and city (“Home Country”) in which you are present while using our Services to another country, state and city (“Alternate Country”).

When we transfer your Personal Data from your Home Country to the Alternate Country, we will comply with our legal and regulatory obligations in relation to your Personal Data, including having a lawful basis for transferring Personal Data and putting appropriate safeguards in place to ensure an adequate level of protection for the Personal Data. We will also ensure that the recipient in Alternate Country is obliged to protect your Personal Data at a standard of protection comparable to the protection under applicable laws.

Our lawful basis will be either consent (i.e. we may ask for your consent to transfer your Personal Data from your Home Country to the Alternate Country at the time you provide your Personal Data) or one of the safeguards permissible by laws.

VII. COOKIES AND ADVERTISING ON THIRD PARTY PLATFORMS

 

Cookies

 

Custos, and third parties with whom we partner, may use cookies, web beacons, tags, scripts, local shared objects such as HTML5, advertising identifiers and similar technologies (collectively, “Cookies”) in connection with your use of the Websites and Applications, which may be persistent or stored only during an individual session on your browsers or devices.

Cookies may have unique identifiers, and reside, among other places, on your computer or mobile device, in emails we send to you, and on our web pages. Cookies may be used for various purposes such as to:

  • provide the essential, basic functions of the use of our Websites, Services or Applications;

  • authenticate you, or remember your user preferences and settings;

  • delivering and measuring the effectiveness of advertising campaigns, such as by measuring number of views or click-throughs;

  • analyze site traffic and trends;

  • serve you relevant advertisements across other Applications and websites owned by other companies (whether by us or by other advertisers); and

  • enhance user interface and experience by generally understanding the online behaviors and interests of users who interact with our Website, Services or Applications.

 

Custos may allow third parties to use Cookies on the Websites and Applications to collect the same type of Personal Data for the same purposes Custos does for itself. Third parties may be able to associate the Personal Data they collect with other Personal Data they have about you from other sources. We do not necessarily have access to or control over the Cookies they use.

 

Disabling the collection of cookies on our websites 

 

You have the right to choose to disable, block or deactivate cookies. Please note that however refusal or removal of some cookies could affect the availability, functionality or use of our Website, Services or Applications.

You may adjust your internet browser settings to disable, block or deactivate cookies, delete your browsing history or clear the cache from your internet browser. The settings may be contained within the “History”, “Preferences”, “Settings” or “Privacy” section of your internet browsers, or you may otherwise consult the help section of your internet browser for more information.

 

Disabling the display of Targeted Ads through our App 

We may facilitate the display of targeted advertising on other platforms, such as on other online platforms that you may be a user of.

You may be able to limit our use of your Personal Data to display targeted advertisements on behalf of our advertisers, by adjusting your preference through the Applications. Depending on the type of phone and operating software that you are using, you may be granted the option to disable our use of mobile identifiers (such as Apple’s IDFA or Google’s GAID) and the ability to track you across Applications and websites owned by other companies by adjusting the settings available on your mobile devices. Through adjusting the settings on your device, you may be able to reset, delete, limit and/or otherwise restrict the use of such mobile identifiers.

Although we will not use your Personal Data to show you such targeted advertisements on other platforms, you may still see generic ads that appear relevant to you. This may be because we have engaged third party advertisers / platforms to display ads to users of specific attributes or demographic makeups who may find them relevant. You may be able to limit seeing these advertisements through managing your preferences on these platforms.

 

Facebook Data Deletion Instructions

 

If you want to delete your Facebook data for Custos App, you can remove your activities by the following instructions.

  1. Go to Your Facebook Account’s Setting & Privacy. Click “Setting”.

  2. Then, go to “Apps and Websites” and you will see all of your Apps activities.

  3. Select the option box of Custos.

  4. Click “Remove” button.

VIII. PROTECTION OF PERSONAL DATA

We will take reasonable legal, organizational and technical measures to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from getting lost, or used or accessed in an unauthorized way. We limit access to your Personal Data to our employees on a need to know basis. Those processing your Personal Data will only do so in an authorized manner and are required to treat your information with confidentiality.

 

If there is a need to disclose your Personal Data to third parties in line with the purposes mentioned in Section II (Use of Personal Data), we will ensure that they provide sufficient guarantees to us to have implemented the necessary security measures to protect your Personal Data.

 

Nevertheless, please understand that the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted through any online means, therefore, any transmission remains at your own risk. While security cannot be guaranteed, we strive to protect the security of your personal data and are constantly reviewing and enhancing our information security measures. In the event of a personal data breach, we will endeavor to notify the affected parties no later than within 3 calendar days from when we become aware of the breach.

IX. YOUR RIGHTS WITH RESPECT TO YOUR PERSONAL DATA    

In accordance with applicable laws and regulations, you may be entitled to:

  • inquire about the processing of your Personal Data and be provided with a copy of it;

  • in some cases, request the correction and/or deletion of your Personal Data;

  • in some cases, request the restriction of or object to the processing of your Personal Data;

  • withdraw your consent to the processing of your Personal Data (where we are processing your Personal Data based on your consent);

  • request receipt or transmission to another organization, in a machine-readable form, of the Personal Data that you have provided to us where we are using your Personal Data based on consent or performance of a contract; and

  • complain to the relevant data privacy authority if your data privacy rights are violated, or if you have suffered detriment as a result of unlawful processing of your Personal Data.

 

You may submit your request in writing or via email to our Data Protection Officer. 

 

Where you are given the option to share your Personal Data with us, you can always choose not to do so. If we have requested your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.

However, choosing not to share your Personal Data with us, withdrawing your consent to our use of it or to your agreement with our Privacy Notice could mean that we are unable to perform the actions necessary to achieve the purposes of processing described in Section II (Use of Personal Data) or that you are unable to make use of the Applications or the Services and notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us.After you have chosen to withdraw your consent, we may be able to continue to process your Personal Data to the extent required or otherwise permitted by applicable laws and regulations.

 

We will screen and verify all requests beforehand. In order to verify your identity and/or authority to make the request, we may require you to provide supporting information or documentation to corroborate the request. Once verified, we will give effect to your request within thirty (30) days of receiving. If we are unable to provide you on the request, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA). 

 

If your request relates to personal data which we are processing on behalf of another organization, we will instead forward your request to the relevant organization for their necessary action.

 

Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

XI DATA BREACH NOTIFICATION

In the event of a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data, we shall promptly assess the impact and if appropriate, report this breach within 3 calendar days to the Personal Data Protection Commission (PDPC). We will notify you when the data breach is likely to result in significant harm to you after our notification to PDPC. We may also notify other relevant regulatory agencies, where required. If we are a Data Intermediary, we shall inform the Data Controller immediately of any data breach so they can promptly assess the impact and comply with their data breach notification obligation. 

 

XII. AMENDMENTS AND UPDATES

 

Custos may modify, update or amend the terms in this Privacy Notice at any time. Such amendments shall be notified to you through the Applications and/ or other appropriate means at least five (5) business days before the effective date. The updated version will be posted on the Custos website. It is your responsibility to review the Privacy Notice regularly. Your continued use of the Applications, Websites or Services, or continuing to communicate or engage with Custos following the effective date of the modifications, updates or amendments to this Privacy Policy, whether or not reviewed by you, shall constitute your agreement to be bound by such amendments.


 

XII. HOW TO CONTACT US

 

If you have any queries about this Privacy Notice or would like to exercise your rights set out in this Notice, please contact us at dpo@custoscarbon.com or direct your mail to our Data Protection Privacy Officer at:

 

Attn: Data Protection Officer

Address: 360 Dunearn Road

Singapore 299552

bottom of page