Privacy Policy
Revised on November 1, 2021
  • Revised on November 1, 2021
  • Revised on July 1, 2020

The purpose of this Privacy Policy is to inform you and provide you with an understanding of how OmniOne(“OmniOne” or “we” or “our” or “us”), a limited company(RaonWhiteHat Co., Ltd) handle, collect, use, disclose and deal with Personal Data (as defined below) about you that you give us through our mobile apps and website(s) such as www.omnione.io that may be published by us (the said mobile apps and website may be collectively or individually referred to as the “Mobile App”), that we receive through third parties or that is in our possession.
We recognize the importance of the Personal Data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your Personal Data as we take our duties General Data Protection Regulation and other applicable personal data protection laws and regulations (the “Applicable Law”) seriously. In our Privacy Policy, we will inform you the purpose and method of using the Personal Data provided by you and the measures employed to ensure protection your Personal Data.
This Privacy Policy is effective from November 1, 2021, and any changes to the contents of this Privacy Policy will be posted on and can be viewed at our Mobile App.

  • 1. Collection of Personal Data

    • (1) Type of Personal Data Which We Collect From You

      “Personal Data” is defined under this Privacy Policy to mean data or information, whether true or not, about you as an individual who can be identified from that data or information, or from that data or information and other information to which an organization has or is likely to have access.

      OmniOne collects Personal Data about you, such as when you provide your Personal Data to us, when you use our Mobile App and/or our services, and/or when you interact with us. Personal Data which we may collect include:

      Required : Personal Device Information (Android Device ID, IMEI, UICCID)

      Recommended : For each OmniOne service(s) you apply and/or use, We shall notify you the type of Personal Data we collect about you

      You may refuse to consent to the collection and use of Personal Data as outlined above. Your refusal of consent shall not result in any restriction and/or limitation on the use of our Mobile App and/or our services.

    • (2) Collection Method

      We will collect your Personal Data, when:

      • You input your Personal Data into the Mobile App upon registration to OmniOne Simple Authentication service;
      • You input your Personal Data into the Mobile App upon registration to OmniOne Identity Verification service; and
      • You input your Personal Data into the Mobile App upon registration to OmniOne Status Verification service.
  • 2. The Purposes For Which We Collect, Use Or Disclose Your Personal Data

    • OmniOne will/may collect, use, disclose and/or process your Personal Data for one or more of the following purposes:

      • administering, facilitating, processing and/or dealing in any transactions, activities or matters relating to your use of the Mobile App and/or our services, including, but not limited to:
        • I. transactions, activities or matters related to identity authentication and logging-in for OmniOne Simple Authentication service in order to allow organizations in connection with aforementioned OmniOne service to verify your membership with the organization and log-in to the organization’s website and/or mobile app,
        • II. transactions, activities or matters related to identity verification for OmniOne Identity Verification service in order to allow organizations in connection with aforementioned OmniOne service to verify your identity and provide its service to you, and/or
        • III. transactions, activities or matters related to status verification (student, military member, etc.) for OmniOne Status Verification service in order to allow the organizations in connection with aforementioned OmniOne service to verify your identity and provide its services to you;
      • administering, facilitating, processing and/or dealing in any transactions, activities or matters relating to the issuance, settlement and/or transaction of Omni Credit in relation to the above mentioned OmniOne service(s);
      • maintaining and/or developing our IT or business systems and infrastructure including testing and upgrading of these systems, including, but not limited to, storing, hosting, backing up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside Korea
      • record-keeping and reporting purposes for internal and/or statutory reporting and/or record-keeping requirements that may be applicable to us;
      • complying with or as required by any Applicable Law, governmental or regulatory requirements or guidelines of any jurisdiction applicable to us (whether Korea or other countries), with which we or our affiliates/associated companies are expected to comply;
      • complying with or as required by any request or direction of any governmental authority (whether Korea or other countries) which we are expected to comply with, including corresponding to requests or complaints for information from public agencies, ministries, statutory boards or other similar authorities;
      • carrying out risk management procedures, including due diligence or other screening activities, in accordance with legal or regulatory obligations applicable to us (whether Korea or other countries) or that may have been put in place by us; and
      • administering, facilitating, managing, processing and/or dealing with your relationship with us, including, but not limited to communicating with you for one or more of the Purposes stated herein. (the purposes set out in this section above shall be collectively referred to as the “Purposes”).

      We may collect, use, disclose or process your Personal Data for other purposes that do not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of your Personal Data without your consent is permitted by the Applicable Law.

  • 3. Outsourcing

    • We shall not outsource our handling and management duties of your Personal Data, in relation to the Purposes, to another third party company or organization.

      If such duties are outsourced, we shall ensure that such company or organization has robust data protection policies and practices (i.e. duty of confidentiality, prohibition against re-assignment, data security, etc.) in order to provide utmost protection of your Personal Data. Also, we shall monitor such company or organization is effectively complying with its data protection policies and practices.

  • 4. Disclosure to Third Parties

    • OmniOne may/will disclose your Personal Data to third parties (including our associated or affiliated organizations or corporations), whether located within or outside Korea, for one or more of the above Purposes, as such third parties would be processing your Personal Data for one or more of the above Purposes. In this regard, you hereby acknowledge, agree and consent that we may/are permitted to disclose your Personal Data to such third parties (whether located within or outside Korea) for one or more of the above Purposes and for the said third parties to subsequently collect, use, disclose and/or process your Personal Data for one or more of the above Purposes.

  • 5. GDPR Personal Information Processing

    • In accordance with General Data Protection Regulation (“GDPR”), we shall process your Personal Data only if and to the extent that at least one of the following applies:

      • you as a data subject have given consent to the processing of your Personal Data for one or more of the above Purposes;
      • processing is necessary for the performance of a contract to which you as a data subject are a party or in order to take steps at your request prior to entering into a contract;
      • processing is necessary for compliance with a legal obligation to which we are subject to, including, but not limited to, Applicable Law, legal procedure, governmental demands or requests;
      • processing is necessary in order to protect the vital interests of you or of another natural person, including, but not limited to, detection and prevention of fraud, abuse, security risks and technical issues;
      • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us; or
      • processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of Personal Data, in particular where you as a data subject is a child.
  • 6. Retention Period

    • We will delete your Personal Data immediately as soon as it is reasonable to assume that (i) the purpose for which that Personal Data was collected is no longer being served by the retention of such Personal Data; (ii) retention is no longer necessary for any other legal or business purposes; and/or (iii) you request deletion of your Personal Data.

      Provided, however, that if it is necessary to retain your Personal Data in accordance with the Applicable Law, we shall keep your Personal Data for a period designated by the Applicable Law. Unless the Applicable Law prescribes otherwise, your Personal Data shall be retained for the following periods:

      • Data or records related to contract or subscription to our service, including withdrawal thereof: 5 years (Act on the Consumer Protection in Electronic Commerce)
      • Data or records related to payment and supply of goods and/or services: 5 years (Act on the Consumer Protection in Electronic Commerce)
      • Data or records related to consumer complaints or dispute handling: 3 years (Act on the Consumer Protection in Electronic Commerce)
      • Data or records related to collection, processing, and utilization of credit information: 3 years (Use and Protection of Credit Information Act)
      • Data or records related to marketing or advertisement: 6 months (Act on the Consumer Protection in Electronic Commerce)
      • Data or records related to internet and website logging-in, access and other activities of the users: 3 months (Protection of Communications Secret Act)
      • Data or records related communication confirmation: 12 months (Protection of Communications Secret Act)
  • 7. Deletion

    • We will delete your Personal Data immediately as soon as you have deleted your Mobile App from your mobile device. We will put in place measures such that your Personal Data stored in the blockchain or otherwise in our possession or control is anonymized via Hash Algorithm, so that the original data or information thereof cannot be verified or deciphered.

      Even if the anonymized version thereof is stolen, such data alone cannot be used to identify a specific individual nor be used as a basis for forgery, identity theft or related crimes. In addition, for the verification original data or thereof, we will instill a secondary authentication factor to require confirmation of your biometrics information that was entered at the Mobile App via FIDO authentication method at the point of registration.

      In all cases, we shall delete your Personal Data after retaining for a period designated by the Applicable Law. Unless the Applicable Law permits otherwise, your personal data retained after such period shall not be used for any other purpose.

  • 8. Protective Measures

    • Security of your Personal Data is important to us. We will put in place reasonable security arrangements to ensure that your Personal Data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your Personal Data. After your Personal Data is verified as true and authentic, we shall encrypt your Personal Data and transfer it in a safe area within the Mobile App. In addition, for the verification original data or thereof, we will instill a secondary authentication factor to require confirmation of your biometrics information that was entered at the Mobile App via FIDO authentication method at the point of registration. The encrypted and anonymized version of your Personal Data via Hash Algorithm shall be stored on the blockchain server until your termination of the service. We shall use distributed ID (DID) and distributed PKI (DPKI) technology to prevent unauthorized access, disclosure, use, and modification of your Personal Data. Also, in order to ensure that your Personal Data is not lost, stolen, altered, or damaged during its processing, we shall install the following technical, administrative and physical measures:

      Type of Measures Details
      Technical
      • Personal Data Encryption and Transfer to “safe area”
      • Installation and Operation of Vaccine Software
      • Installation and Operation of Limited Access Control Devices
      Administrative
      • Appointment of Data Protection Officer and other responsible persons (collectively, referred as “Responsible Person”)
      • Regular Training for Responsible Person
      • Establishment and Implementation of a Robust and Continuous Internal Management Plan
      • Establishment and Implementation of a Robust Password Creation and Maintenance Policies and Procedures
      • Establishment and Implementation of Limited Access Authority to the Personal Data Processing System
      Physical
      • Restriction in Access Control to Responsible Persons Only
  • 9. Sharing of Personal Data

    • We shall share your Personal Data only under the following parties and/or situations:

      • Our partners, affiliates or associated organizations (including related corporations) or any of our agents, contractors or third party service providers, whether located in Korea or elsewhere
        • any partners, affiliates or third party service providers that will provide administrative duties on behalf of us (i.e. payment processing, order fulfillment, product delivery, dispute settlement etc.); or
        • any partners, affiliates or third party service providers to whom disclosure is for carrying out OmniOne Services (including collecting and processing of your Personal Data on our behalf)
      • You provide prior written consent to us
        • You consent to sharing of your Personal Data with a specific company in order to receive its products and/or services;
        • You consent to sharing of your Personal Data with any websites or social media platforms operated by third parties
        • Other situations where you provide prior written consent to sharing of your Personal Data
      • Legal obligation
        • Disclosure of your Personal Data is required by Applicable Law
  • 10. Cookies and/or Web Beacons

    • We may use cookies and/or web beacons to identify you from other users.

      A cookie is a small file of letters and numbers that is sent by our server for the management of our website, which is then stored on your browser or the hard drive of your computer or device. Web beacon is a small code on our website or e-mail. The web beacon alerts us whether you used a specific web or e-mail content.

      We may use the cookies and/or web beacons for evaluating and improving our services in order to provide seamless experience for you and the other users.

      You can block or deactivate cookies, either in part or in entirety, in your browser settings. Provided, however, that if you choose to block or deactivate the cookies, your access and/or use of our services may be restricted or limited.

  • 11. Your Rights

    • You (or legal representative) as a data subject have the right to exercise the following rights in connection with the collection, use and sharing of your Personal Data.

      • Right to access your Personal Data;
      • Right to correct and/or delete your Personal Data;
      • Right to suspend the processing of your Personal Data; and
      • Right to withdraw the consent of the collection, use and sharing of your Personal Data.

      You may exercise the aforementioned rights by requesting to certificate issuing authorities of your Personal Data. You may also contact us (or Data Protection Officer, Responsible Person, etc.) in writing, or via phone or e-mail, and we will process your request within a reasonable time from the date such request is made. Note that the Applicable Law may exempt certain types of Personal Data from being subject to your request as well as provides for situation(s) when your request may not be accepted by us despite your request.

  • 12. Your GDPR Rights

    • You (or legal representative) as a data subject have the right to exercise the following rights in connection with the collection, use and sharing of your Personal Data.

      • Right to access;
        • You (or legal representative) have the right to obtain our confirmation as to whether or not your Personal Data is being processed (collection, use and/or sharing) in accordance with Applicable Law, and, where that is the case, access to your Personal Data.
      • Right to rectification;
        • You (or legal representative) have the right to obtain from us without undue delay the rectification of inaccurate Personal Data concerning you.
      • Right to erasure;
        • You (or legal representative) have the right to obtain from us the erasure of your Personal Data without undue delay, where (i) the Personal Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed, (ii) you withdraw your consent on which the processing is based, or (iii) erasure (or request thereof) is made in accordance with Applicable Law.
      • Right to restriction of processing
        • You (or legal representative) have the right to obtain from us restriction of processing, where (i) the accuracy of your Personal Data is contested, (ii) the processing is unlawful and you oppose the erasure of your Personal Data and requests the restriction of use instead, (iii) we no longer need your Personal Data for the purposes of processing, but is required by you for the establishment, exercise or defense of legal claims, or (iv) restriction of processing (or request thereof) is made in accordance with Applicable Law.
      • Right to data portability
        • You (or legal representative) have the right to receive your Personal Data and right to request transmission of such data to another data controller, in accordance with Applicable Law.
      • Right to object
        • You (or legal representative) have the right to object to processing of your Personal Data for purposes related to direct marketing, public interest or in the exercise of official authority, or scientific or historical research.
      • Right to object to automated individual decision-making, including profiling
        • You (or legal representative) have the right to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

      You may exercise the aforementioned rights by requesting to certificate issuing authorities in your Mobile App. You may also contact us (or Data Protection Officer, Responsible Person, etc.) in writing, or via phone or e-mail, and we will process your request within a reasonable time from such a request being made. Note that the Applicable Law may exempt certain types of Personal Data from being subject to your request as well as provides for situation(s) when your request may not be accepted by us despite your request.

  • 13. Minors

    • We shall not collect Personal Data from any person below the age of 14 (or corresponding minimum age in accordance with Applicable Law). The Mobile App is not intended for use by any minors below the age of 14 (or corresponding minimum age in accordance with Applicable Law). We cannot and do not intend to, transact through the Mobile App directly with anyone we know to be under the age of 14 (or corresponding minimum age in accordance with Applicable Law). By providing any Personal Data to us, you declare and affirm that you are at least 14 years of age and above and agree to the terms set out in this Privacy Policy.

  • 14. Amendment

    • We reserve the right to amend this Privacy Policy from time to time. If we change this Privacy Policy, we will notify through the Mobile App. If required by law, we will seek your consent to the amended version of the Privacy Policy.

  • 15. Miscellaneous

    • Overseas Transfer of Personal Data
      • As a global company, we may/will transfer your Personal Data to other companies or third parties located outside of Korea. We shall take appropriate measures to protect your Personal Data where your data is transmitted, retained or processed.
      • In the event that your Personal Data that is based in European Union or Switzerland is to be used or disclosed, we shall seek arrangements in accordance with Applicable Law, including, but not limited to compliance with US-EU Privacy Shield treaty and/or Swiss-US Privacy Shield treaty, adoption of standard contract terms approved by the European Union’s governing body or other safeguards (seeking of your consent) in line with European Union regulations.
    • Third Party website and/or services
      • Our Mobile App may be linked to third party’s websites, products and/or services. As the privacy policy of the third party may be different from this Privacy Policy, we encourage you to review the privacy policy of the third party.
    • California Residents
      • In the event you are a California resident, certain rights may be attached. In order to comply with California Online Privacy Protection Act, we shall provide necessary measures to protect your Personal Data.
      • If your Personal Data is leaked, you can request for information leakage confirmation. You can also request to certificate issuing authorities of your Personal Data to change and/or rectify your Personal Data at any time.
      • We do not track our Mobile App users. Even though we collect Location Data as outlined in this Privacy Policy, we do not use such Location Data for any purpose.
      • We do not collect your Personal Data through any marketing or advertising agencies nor provide your Personal Data for marketing purposes without your consent.
  • 16. Contact Us

    • If you have any question about this Privacy Policy or any other query in relation to how we may manage, protect and/or process your Personal Data, please do not hesitate to contact us at:

      • Name: RaonWhiteHat Co., Ltd.
      • Address : 13F Woosin Building, 145 Teheran-ro, Gangnam-gu, Seoul, 06132 Korea
      • Data Protection Officer: Wonseok Yoon
      • Other Responsible Person: Dohyun Kim
      • E-mail: privacy@raoncorp.com
  • Last Updated on November 1, 2021

The purpose of this Privacy Policy is to inform you and provide you with an understanding of how OmniOne Pte Ltd (“OmniOne” or “we” or “our” or “us”), a limited company registered in Singapore (Co. Reg. No. 201916626K) at 16 Collyer Quay #17-00, Income At Raffles, Singapore (049318), handle, collect, use, disclose and deal with Personal Data (as defined below) about you that you give us through our mobile apps and website(s) such as www.omnione.io that may be published by us (the said mobile apps and website may be collectively or individually referred to as the “Mobile App”), that we receive through third parties or that is in our possession.
We recognize the importance of the Personal Data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your Personal Data as we take our duties under Singapore’s Personal Data Protection Act, General Data Protection Regulation and other applicable personal data protection laws and regulations (the “Applicable Law”) seriously. In our Privacy Policy, we will inform you the purpose and method of using the Personal Data provided by you and the measures employed to ensure protection your Personal Data.
This Privacy Policy is effective from July 1, 2020, and any changes to the contents of this Privacy Policy will be posted on and can be viewed at our Mobile App.

  • 1. Collection of Personal Data

    • (1) Type of Personal Data Which We Collect From You

      “Personal Data” is defined under this Privacy Policy to mean data or information, whether true or not, about you as an individual who can be identified from that data or information, or from that data or information and other information to which an organization has or is likely to have access.

      OmniOne collects Personal Data about you, such as when you provide your Personal Data to us, when you use our Mobile App and/or our services, and/or when you interact with us. Personal Data which we may collect include:

      Required : Personal Device Information (Android Device ID, IMEI, UICCID)

      Recommended : For each OmniOne service(s) you apply and/or use, We shall notify you the type of Personal Data we collect about you

      You may refuse to consent to the collection and use of Personal Data as outlined above. Your refusal of consent shall not result in any restriction and/or limitation on the use of our Mobile App and/or our services.

    • (2) Collection Method

      We will collect your Personal Data, when:

      • You input your Personal Data into the Mobile App upon registration to OmniOne Simple Authentication service;
      • You input your Personal Data into the Mobile App upon registration to OmniOne Identity Verification service; and
      • You input your Personal Data into the Mobile App upon registration to OmniOne Status Verification service.
  • 2. The Purposes For Which We Collect, Use Or Disclose Your Personal Data

    • OmniOne will/may collect, use, disclose and/or process your Personal Data for one or more of the following purposes:

      • administering, facilitating, processing and/or dealing in any transactions, activities or matters relating to your use of the Mobile App and/or our services, including, but not limited to:
        • I. transactions, activities or matters related to identity authentication and logging-in for OmniOne Simple Authentication service in order to allow organizations in connection with aforementioned OmniOne service to verify your membership with the organization and log-in to the organization’s website and/or mobile app,
        • II. transactions, activities or matters related to identity verification for OmniOne Identity Verification service in order to allow organizations in connection with aforementioned OmniOne service to verify your identity and provide its service to you, and/or
        • III. transactions, activities or matters related to status verification (student, military member, etc.) for OmniOne Status Verification service in order to allow the organizations in connection with aforementioned OmniOne service to verify your identity and provide its services to you;
      • administering, facilitating, processing and/or dealing in any transactions, activities or matters relating to the issuance, settlement and/or transaction of Omni Credit in relation to the above mentioned OmniOne service(s);
      • maintaining and/or developing our IT or business systems and infrastructure including testing and upgrading of these systems, including, but not limited to, storing, hosting, backing up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside Singapore;
      • record-keeping and reporting purposes for internal and/or statutory reporting and/or record-keeping requirements that may be applicable to us;
      • complying with or as required by any Applicable Law, governmental or regulatory requirements or guidelines of any jurisdiction applicable to us (whether of Singapore or other countries), with which we or our affiliates/associated companies are expected to comply;
      • complying with or as required by any request or direction of any governmental authority (whether Singapore or other countries) which we are expected to comply with, including corresponding to requests or complaints for information from public agencies, ministries, statutory boards or other similar authorities;
      • carrying out risk management procedures, including due diligence or other screening activities, in accordance with legal or regulatory obligations applicable to us (whether Singapore or other countries) or that may have been put in place by us; and
      • administering, facilitating, managing, processing and/or dealing with your relationship with us, including, but not limited to communicating with you for one or more of the Purposes stated herein. (the purposes set out in this section above shall be collectively referred to as the “Purposes”).

      We may collect, use, disclose or process your Personal Data for other purposes that do not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of your Personal Data without your consent is permitted by the Applicable Law.

  • 3. Outsourcing

    • We shall not outsource our handling and management duties of your Personal Data, in relation to the Purposes, to another third party company or organization.

      If such duties are outsourced, we shall ensure that such company or organization has robust data protection policies and practices (i.e. duty of confidentiality, prohibition against re-assignment, data security, etc.) in order to provide utmost protection of your Personal Data. Also, we shall monitor such company or organization is effectively complying with its data protection policies and practices.

  • 4. Disclosure to Third Parties

    • OmniOne may/will disclose your Personal Data to third parties (including our associated or affiliated organizations or corporations), whether located within or outside Singapore, for one or more of the above Purposes, as such third parties would be processing your Personal Data for one or more of the above Purposes. In this regard, you hereby acknowledge, agree and consent that we may/are permitted to disclose your Personal Data to such third parties (whether located within or outside Singapore) for one or more of the above Purposes and for the said third parties to subsequently collect, use, disclose and/or process your Personal Data for one or more of the above Purposes.

  • 5. GDPR Personal Information Processing

    • In accordance with General Data Protection Regulation (“GDPR”), we shall process your Personal Data only if and to the extent that at least one of the following applies:

      • you as a data subject have given consent to the processing of your Personal Data for one or more of the above Purposes;
      • processing is necessary for the performance of a contract to which you as a data subject are a party or in order to take steps at your request prior to entering into a contract;
      • processing is necessary for compliance with a legal obligation to which we are subject to, including, but not limited to, Applicable Law, legal procedure, governmental demands or requests;
      • processing is necessary in order to protect the vital interests of you or of another natural person, including, but not limited to, detection and prevention of fraud, abuse, security risks and technical issues;
      • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us; or
      • processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of Personal Data, in particular where you as a data subject is a child.
  • 6. Retention Period

    • We will delete your Personal Data immediately as soon as it is reasonable to assume that (i) the purpose for which that Personal Data was collected is no longer being served by the retention of such Personal Data; (ii) retention is no longer necessary for any other legal or business purposes; and/or (iii) you request deletion of your Personal Data.

      Provided, however, that if it is necessary to retain your Personal Data in accordance with the Applicable Law, we shall keep your Personal Data for a period designated by the Applicable Law. Unless the Applicable Law prescribes otherwise, your Personal Data shall be retained for the following periods:

      • Data or records related to contract or subscription to our service, including withdrawal thereof: 5 years (Act on the Consumer Protection in Electronic Commerce)
      • Data or records related to payment and supply of goods and/or services: 5 years (Act on the Consumer Protection in Electronic Commerce)
      • Data or records related to consumer complaints or dispute handling: 3 years (Act on the Consumer Protection in Electronic Commerce)
      • Data or records related to collection, processing, and utilization of credit information: 3 years (Use and Protection of Credit Information Act)
      • Data or records related to marketing or advertisement: 6 months (Act on the Consumer Protection in Electronic Commerce)
      • Data or records related to internet and website logging-in, access and other activities of the users: 3 months (Protection of Communications Secret Act)
      • Data or records related communication confirmation: 12 months (Protection of Communications Secret Act)
  • 7. Deletion

    • We will delete your Personal Data immediately as soon as you have deleted your Mobile App from your mobile device. We will put in place measures such that your Personal Data stored in the blockchain or otherwise in our possession or control is anonymized via Hash Algorithm, so that the original data or information thereof cannot be verified or deciphered.

      Even if the anonymized version thereof is stolen, such data alone cannot be used to identify a specific individual nor be used as a basis for forgery, identity theft or related crimes. In addition, for the verification original data or thereof, we will instill a secondary authentication factor to require confirmation of your biometrics information that was entered at the Mobile App via FIDO authentication method at the point of registration.

      In all cases, we shall delete your Personal Data after retaining for a period designated by the Applicable Law. Unless the Applicable Law permits otherwise, your personal data retained after such period shall not be used for any other purpose.

  • 8. Protective Measures

    • Security of your Personal Data is important to us. We will put in place reasonable security arrangements to ensure that your Personal Data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your Personal Data. After your Personal Data is verified as true and authentic, we shall encrypt your Personal Data and transfer it in a safe area within the Mobile App. In addition, for the verification original data or thereof, we will instill a secondary authentication factor to require confirmation of your biometrics information that was entered at the Mobile App via FIDO authentication method at the point of registration. The encrypted and anonymized version of your Personal Data via Hash Algorithm shall be stored on the blockchain server until your termination of the service. We shall use distributed ID (DID) and distributed PKI (DPKI) technology to prevent unauthorized access, disclosure, use, and modification of your Personal Data. Also, in order to ensure that your Personal Data is not lost, stolen, altered, or damaged during its processing, we shall install the following technical, administrative and physical measures:

      Type of Measures Details
      Technical
      • Personal Data Encryption and Transfer to “safe area”
      • Installation and Operation of Vaccine Software
      • Installation and Operation of Limited Access Control Devices
      Administrative
      • Appointment of Data Protection Officer and other responsible persons (collectively, referred as “Responsible Person”)
      • Regular Training for Responsible Person
      • Establishment and Implementation of a Robust and Continuous Internal Management Plan
      • Establishment and Implementation of a Robust Password Creation and Maintenance Policies and Procedures
      • Establishment and Implementation of Limited Access Authority to the Personal Data Processing System
      Physical
      • Restriction in Access Control to Responsible Persons Only
  • 9. Sharing of Personal Data

    • We shall share your Personal Data only under the following parties and/or situations:

      • Our partners, affiliates or associated organizations (including related corporations) or any of our agents, contractors or third party service providers, whether located in Singapore or elsewhere
        • any partners, affiliates or third party service providers that will provide administrative duties on behalf of us (i.e. payment processing, order fulfillment, product delivery, dispute settlement etc.); or
        • any partners, affiliates or third party service providers to whom disclosure is for carrying out OmniOne Services (including collecting and processing of your Personal Data on our behalf)
      • You provide prior written consent to us
        • You consent to sharing of your Personal Data with a specific company in order to receive its products and/or services;
        • You consent to sharing of your Personal Data with any websites or social media platforms operated by third parties
        • Other situations where you provide prior written consent to sharing of your Personal Data
      • Legal obligation
        • Disclosure of your Personal Data is required by Applicable Law
  • 10. Cookies and/or Web Beacons

    • We may use cookies and/or web beacons to identify you from other users.

      A cookie is a small file of letters and numbers that is sent by our server for the management of our website, which is then stored on your browser or the hard drive of your computer or device. Web beacon is a small code on our website or e-mail. The web beacon alerts us whether you used a specific web or e-mail content.

      We may use the cookies and/or web beacons for evaluating and improving our services in order to provide seamless experience for you and the other users.

      You can block or deactivate cookies, either in part or in entirety, in your browser settings. Provided, however, that if you choose to block or deactivate the cookies, your access and/or use of our services may be restricted or limited.

  • 11. Your Rights

    • You (or legal representative) as a data subject have the right to exercise the following rights in connection with the collection, use and sharing of your Personal Data.

      • Right to access your Personal Data;
      • Right to correct and/or delete your Personal Data;
      • Right to suspend the processing of your Personal Data; and
      • Right to withdraw the consent of the collection, use and sharing of your Personal Data.

      You may exercise the aforementioned rights by requesting to certificate issuing authorities of your Personal Data. You may also contact us (or Data Protection Officer, Responsible Person, etc.) in writing, or via phone or e-mail, and we will process your request within a reasonable time from the date such request is made. Note that the Applicable Law may exempt certain types of Personal Data from being subject to your request as well as provides for situation(s) when your request may not be accepted by us despite your request.

  • 12. Your GDPR Rights

    • You (or legal representative) as a data subject have the right to exercise the following rights in connection with the collection, use and sharing of your Personal Data.

      • Right to access;
        • You (or legal representative) have the right to obtain our confirmation as to whether or not your Personal Data is being processed (collection, use and/or sharing) in accordance with Applicable Law, and, where that is the case, access to your Personal Data.
      • Right to rectification;
        • You (or legal representative) have the right to obtain from us without undue delay the rectification of inaccurate Personal Data concerning you.
      • Right to erasure;
        • You (or legal representative) have the right to obtain from us the erasure of your Personal Data without undue delay, where (i) the Personal Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed, (ii) you withdraw your consent on which the processing is based, or (iii) erasure (or request thereof) is made in accordance with Applicable Law.
      • Right to restriction of processing
        • You (or legal representative) have the right to obtain from us restriction of processing, where (i) the accuracy of your Personal Data is contested, (ii) the processing is unlawful and you oppose the erasure of your Personal Data and requests the restriction of use instead, (iii) we no longer need your Personal Data for the purposes of processing, but is required by you for the establishment, exercise or defense of legal claims, or (iv) restriction of processing (or request thereof) is made in accordance with Applicable Law.
      • Right to data portability
        • You (or legal representative) have the right to receive your Personal Data and right to request transmission of such data to another data controller, in accordance with Applicable Law.
      • Right to object
        • You (or legal representative) have the right to object to processing of your Personal Data for purposes related to direct marketing, public interest or in the exercise of official authority, or scientific or historical research.
      • Right to object to automated individual decision-making, including profiling
        • You (or legal representative) have the right to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

      You may exercise the aforementioned rights by requesting to certificate issuing authorities in your Mobile App. You may also contact us (or Data Protection Officer, Responsible Person, etc.) in writing, or via phone or e-mail, and we will process your request within a reasonable time from such a request being made. Note that the Applicable Law may exempt certain types of Personal Data from being subject to your request as well as provides for situation(s) when your request may not be accepted by us despite your request.

  • 13. Minors

    • We shall not collect Personal Data from any person below the age of 14 (or corresponding minimum age in accordance with Applicable Law). The Mobile App is not intended for use by any minors below the age of 14 (or corresponding minimum age in accordance with Applicable Law). We cannot and do not intend to, transact through the Mobile App directly with anyone we know to be under the age of 14 (or corresponding minimum age in accordance with Applicable Law). By providing any Personal Data to us, you declare and affirm that you are at least 14 years of age and above and agree to the terms set out in this Privacy Policy.

  • 14. Amendment

    • We reserve the right to amend this Privacy Policy from time to time. If we change this Privacy Policy, we will notify through the Mobile App. If required by law, we will seek your consent to the amended version of the Privacy Policy.

  • 15. Miscellaneous

    • Overseas Transfer of Personal Data
      • As a global company, we may/will transfer your Personal Data to other companies or third parties located outside of Singapore. We shall take appropriate measures to protect your Personal Data where your data is transmitted, retained or processed.
      • In the event that your Personal Data that is based in European Union or Switzerland is to be used or disclosed, we shall seek arrangements in accordance with Applicable Law, including, but not limited to compliance with US-EU Privacy Shield treaty and/or Swiss-US Privacy Shield treaty, adoption of standard contract terms approved by the European Union’s governing body or other safeguards (seeking of your consent) in line with European Union regulations.
    • Third Party website and/or services
      • Our Mobile App may be linked to third party’s websites, products and/or services. As the privacy policy of the third party may be different from this Privacy Policy, we encourage you to review the privacy policy of the third party.
    • California Residents
      • In the event you are a California resident, certain rights may be attached. In order to comply with California Online Privacy Protection Act, we shall provide necessary measures to protect your Personal Data.
      • If your Personal Data is leaked, you can request for information leakage confirmation. You can also request to certificate issuing authorities of your Personal Data to change and/or rectify your Personal Data at any time.
      • We do not track our Mobile App users. Even though we collect Location Data as outlined in this Privacy Policy, we do not use such Location Data for any purpose.
      • We do not collect your Personal Data through any marketing or advertising agencies nor provide your Personal Data for marketing purposes without your consent.
  • 16. Contact Us

    • If you have any queries on this Privacy Policy or any other queries or instructions in relation to how we may manage, protect and/or process your Personal Data, please do not hesitate to contact us, as stated below.

      • Name: OmniOne Pte. Ltd.
      • Mail Address: 16 Collyer Quay #17-00 Income at Raffles SINGAPORE
      • E-mail Address: contact@omnione.net
    • If you have any complaint or grievance regarding about how we are handling your Personal Data or about how we are complying with the Applicable Law, we welcome you to contact us with your complaint or grievance. Please contact us with your complaint or grievance by emailing our Data Protection Officer.

      • Data Protection Officer (DPO): Alex lee
        • Mail Address: 16 Collyer Quay #17-00 Income at Raffles SINGAPORE
        • E-mail: alexjlee@omnione.net
      • Other Responsible Person: Phillip Kim
        • Mail Address: 16 Collyer Quay #17-00 Income at Raffles SINGAPORE
        • E-mail: Privacy_omnione@omnione.net

      We will certainly strive to deal with any complaint or grievance that you may have speedily and fairly.

  • Last Updated on July 1, 2020
확인