Last Updated: 24 Aug 2021

PRIVACY NOTICE (GDPR)

This Privacy Notice applies to personal data held by OSIM International Pte Ltd (Co. Reg. No. 198304191N) as data controller, as described below.

Whenever we have used “OSIM”, “we”, “us”, or “our” in this Privacy Notice, this means OSIM International Pte Ltd (Co. Reg. No. 198304191N).

The registered address of OSIM International Pte Ltd is 65 Ubi Avenue 1, OSIM Headquarters, Singapore 408939.

When This Privacy Notice Applies

If your personal data is covered by the General Data Protection Regulation (“GDPR”), e.g. because you are a resident of the European Economic Area, this Privacy Notice will apply to you.

If your personal data is not covered by the GDPR, this Privacy Notice does not apply to you. Please refer instead to the OSIM Personal Data Protection Policy at the following link.

This Privacy Notice covers the personal data of users of our products and services, our website, our online store, and our mobile applications, as well as any other persons who otherwise interact with us, for example, by responding to our surveys and questionnaires or attending our events (“you”, “your” and “yours”).

There may be other different or separate privacy policies/privacy notices that apply to specific products and services provided by us. This Privacy Notice supplements the other policies or notices and is not intended to override them.

Meaning of “Electronic Platforms”

Whenever we have used “Electronic Platforms” in this Privacy Notice, it means our website, online store, and mobile applications.

Your Submission of Data

If you provide us with any personal data relating to a third party (e.g. information of your spouse, children, parents, and/or employees), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their personal data for the respective purposes.

You should ensure that all personal data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the services you have requested.

Updates to this Privacy Notice

We reserve the right to change our Privacy Notice from time to time. If we decide to change our Privacy Notice, we will post the updated Privacy Notice on our website. If we make any material changes to this Privacy Notice, we will provide adequate notice to you.

Subject to applicable laws, the English version of this Privacy Notice will prevail over any version of this Privacy Notice in another language.

What Information We Collect

Examples of the personal data you may provide to us include:

• Personal details, e.g. your name, gender, date of birth
• Contact details, e.g. your telephone numbers, mailing address, or email address
• Information about your identity, e.g. your national identity card numbers or passport information
• Billing information, e.g. your bank and credit card details
• your network data, server logs, device ID and IP address
• information about your usage on OSIM website, of your OSIM products and services, e.g. the frequency and duration of your usage, the types of functions/features of your OSIM product that you used
• your preferences on how you would like to be contacted by us, your preferred products and services, lifestyle activities, and similar data.

When We Collect Information

Generally, OSIM collects your personal data either directly from you or from your authorised representatives (i.e. persons whom you have authorised, persons who have been validly identified as being you or your authorised representative pursuant to our then-current security procedures), from third parties, or from publicly available sources or through our products and services.

The data collected by the OSIM website are stored in cloud servers maintained by our third party service providers, e.g. Shopify.

We collect your personal data in the following ways.

1. The data collected through the OSIM website may include, personal data that you have input into the OSIM website, such as the personal details and contact details provided by you when registering for an account, information about your usage on OSIM website such as frequency and duration of your usage.

• Usage and Preference Information

We collect information about how you interact with our online services or mobile applications, such as preferences expressed, and settings chosen. In some cases we do this through the use of cookies, pixel tags, and similar technologies that create and maintain unique identifiers. To learn more about these technologies, please see our Cookie Statement. 

COOKIE STATEMENT "Cookies" are small text files stored on your computer. The cookie itself does not contain personal information, but contains information about your activity on our site to let us know whether you are a prior customer and to provide certain unique features to you. We do not use cookies to handle any financial information. The only personal information a cookie can contain is information you supply yourself. A cookie cannot read data off your hard disk or read cookie files created by other sites. OSIM uses cookies to track user traffic patterns. You can refuse cookies by turning them off in your browser. If you have set your browser to warn you before accepting cookies, you will receive the warning message with each cookie. This site requires you to have enabled cookies on your browser in order to tailor the shopping experience and to store information such as a shopping cart.

• Device Information 

When you use our mobile applications or website, we may collect information about your mobile device or computer, including, for example, the hardware model, operating system and version, software and file names and versions, preferred language, unique device identifier, advertising identifiers, serial numbers, device activity information (including device motion information) and mobile network information.

• Submission of Forms

We collect your personal data when you submit your personal data to us via forms in our mobile applications, our websites, our surveys or questionnaires, or when you submit a form for registering an account with us or any other forms relating to any of our services

• Customer Service Interactions

We collect your personal data such as your personal details, contact details and billing information when you interact with our customer service team or our marketing representatives, for example, via telephone calls, letters, face-to-face meetings and emails.

• Using Our Services

We collect your personal data such as your personal details, contact details and billing information when you use some of our services, for example, our website or our mobile applications, including establishing any online accounts with us.

• Account and Profile Information

We collect your personal data such as your personal details, contact details and billing information when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through our online store or mobile applications.

• Third Parties

We may receive your personal data:

• when you integrate or link a third-party service with our Electronic Platforms, e.g. if you create an account or log into the Electronic Platforms using your Facebook credentials, we receive your personal data as permitted by your Facebook profile settings in order to authenticate you.
• when we receive contact data, financial data and transaction data from providers of technical, payment and delivery services; or
• when we receive references from business partners and third parties, for example, where you have been referred by them;

• OSIM Global Network

We may receive your personal data from the other companies in our corporate group (such as our subsidiaries), or our franchisees, distributors or other authorised resellers of our products and/or services (“OSIM Global Network”).

For example, when you have purchased OSIM products or services from a member of the OSIM Global Network, we may receive your personal data from that member of the OSIM Global Network for the purpose of resolving complaints and handling requests and enquiries from you about OSIM products or services.

• Request for Us to Contact You; Subscription to Mailing List

We collect your personal data such as your personal details and contact details when you request that we contact you, or that you be included in an email or other mailing list.

• Promotions and Requests for Additional Personal Data 

We collect the personal data that you submit to us when you respond to our promotions, lucky draws, initiatives or to any request for additional personal data.

• Feedback, Surveys and Market Research

We collect the personal data that you submit to us when you provide feedback to us, respond to our surveys, or participate in market research.

Legal Basis for Data Processing

We will generally process your personal data based on the following legal justifications:

• you have given your consent to the processing ("Consent Basis");
• processing is necessary for the performance of a contract with you, or processing is necessary to carry out pre-contractual steps that are taken at your request ("Contractual Basis");
• the processing is necessary to comply with a legal obligation ("Legal Obligation Basis"); or
• the processing is (i) necessary for OSIM to realize its legitimate interest in being responsive to you, to provide customised services and marketing and to ensure the proper functioning of our products, services and organisation, or (ii) necessary for OSIM’s related companies, franchisees, distributors or other authorised resellers to provide services and products to you ("Legitimate Interest Basis"). 

How We Will Use Your Information

We may collect, and use your personal data for the following purposes and based on one or more legal justifications, as set out below:

Purpose	Justifications
a. Provide and Maintain Services: We may process your data for the purpose of allowing us to provide you access to our services and any relevant customer support. For example, we need to use your information to provide you with certain features of the OSIM mobile applications, such as allowing you to access massage programs that are linked to your OSIM account. We also need to use your account information and past purchase and usage history to provide you with mobile application features that allow you to view your product purchase history or past product usage activity. We may also use your data to send you information about the products and services that you have purchased from us. For example, we may send you product care information, product operation videos or reminders about product maintenance. We may also send you updates about the status of your product’s warranty.	Contractual Basis and/or Legitimate Interests Basis
b. Product Enhancement and Development We may process your data to analyse your usage of the mobile applications and your OSIM product for purposes of product enhancement and development.	Legitimate Interests Basis
c. Internal Policies, Administration and Business Operations We may process your data for the purpose of managing the administrative and business operations of OSIM and complying with internal policies and procedures.	Legitimate Interests Basis
d. Business Asset Transactions We may process your data for the purpose of facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales) involving us.	Legitimate Interests Basis
e. Crime Prevention and Managing of Commercial Risks We may process your data for the purpose of preventing, detecting and investigating crime and analysing and managing commercial risks and conducting investigations relating to disputes, billing or fraud.	Legitimate Interests Basis
f. Complaint Resolution, Requests and Enquiries We may process your data for the purpose of resolving complaints and handling requests and enquiries.	Legitimate Interests Basis
g. Legal Purposes We may process your data for legal purposes, including but not limited to obtaining legal advice and dispute resolution, and meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on OSIM (including responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations). (For example, we may disclose information to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of our services or the physical safety of any person.)	Legitimate Interests Basis and/or Legal Obligation Basis
h. Data Matching We may match any personal data held by us which relates to you with any other personal data that we hold for any of the purposes that are listed in this table. (For example, we may combine your personal data collected from your activities on your OSIM mobile application with personal data collected via your interactions with us at our other customer touchpoints, e.g. your account on our OSIM website, or your interactions with our customer service team, for the purposes of providing you with a uniform experience across all OSIM customer touchpoints.)	Legitimate Interests Basis
i. Media Announcements and Responses We may collect and use your data for the purpose of providing media announcements and responses if you have consented to it. (For example, we may use your personal data, such as your name and photographic/video footage of you, for this purpose if you have consented to the release of such personal data for the purpose of OSIM making any media announcements or responses.)	Consent Basis
j. Promotional Events, Contests, Marketing Campaigns We may collect and use your data for the purpose of organising promotional events, administering contests, competitions and marketing campaigns. (For example, if you have indicated that you wish to receive marketing sales, marketing or promotional materials from us, we may use your personal data to contact you to inform you about our promotions, contests, competitions, and provide you with product or service recommendations.)	Legitimate Interests Basis
k. Market Research We may collect and use your data for the purpose of conducting market research to enable us to understand and determine customer preferences and demographics to develop special offers and marketing programmes in relation to our products and services, and to improve our service delivery and personalise our customers’ experience at our touchpoints.	Legitimate Interests Basis
l. Special Promotions, Loyalty and Reward Programmes We may collect and use your data for the purpose of providing additional products and services and benefits to you, including promotions, loyalty and reward programmes from OSIM. For example, when you sign up for our newsletter or for an account with us, we may use your contact details to provide you with information about exclusive promotions, loyalty and reward programmes. We may use your personal data to determine if you are eligible to receive special promotions, for example, birthday treats or other rewards and promotions specifically offered to the category of customers that you fall within.	Legitimate Interests Basis
m. Customise Your Customer Experience We may collect and use your data for the purpose of customizing our marketing, e.g. by providing you with product recommendations based on your past purchases or based on your responses to optional questions on our customer surveys.	Legitimate Interests Basis
n. Direct Marketing (If You Opt-In) If you have indicated that you wish to receive direct marketing messages from us, we will use your personal data to send you advertisements involving details of our products and services, special offers and rewards, which may either be sent to our customers generally, or which we have identified may be of interest to you (including but not limited to upselling, cross selling and online marketing).	Consent Basis
o. Processing of Performance Data We may process your Performance Data that is collected via the OSIM smart device products or website to provide more meaningful insights and information for you to manage your fitness and wellness goals. For example, we may send you product or service recommendations that are personalised for you based on the preferences you have expressed when using your OSIM smart device products or website.	Legitimate Interests Basis
p. Social Sharing Features Our Electronic Platforms may integrate with social sharing features and other related tools which let you share actions you take on our services or any data collected by your OSIM Smart Products with other apps, sites, or media, and vice versa. For example, you may choose to share screenshots of your in-App activity to other apps, sites or media through the screenshot sharing feature in OSIM mobile applications. Your use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the social sharing service. Please refer to the privacy policies of those social sharing services for more information about how they handle the data you provide to or share through them; Our mobile applications may also have social media tools or features that allow you to sign up for an account with OSIM by giving us permission to retrieve and collect your personal data (such as your email address) from other apps, sites, or social media platforms. When you use such tools or features, we will collect and use your personal data for the purposes of establishing your new account with OSIM.	Legitimate Interests Basis

Who We Might Share Your Information With

Your personal data may be disclosed, for the purposes listed below and based on one or more legal justifications, as set out below:

Disclosure of personal data made to:	Justification
a. Related Corporations Recipients: OSIM’s related corporations (e.g. OSIM’s holding companies, subsidiaries and other companies in the same corporate group as OSIM) and employees of those aforementioned companies Purpose: to provide content, products and services to you, address your questions and requests in relation to your customer accounts, subscription and billing or order arrangements with us as well as our services, to activate, deactivate, install, maintain and operate our systems and/or services	Legitimate Interests Basis and/or Contractual Basis
b. External Service Providers Recipients and Purpose: Businesses, agents, contractors or third party service providers who provide operational services to OSIM so that OSIM can receive operational services from those aforementioned parties. We will only provide our service providers with the personal data which is necessary for them to perform their services For example, your personal data may be disclosed to our external vendors providing us with services such as insurance, consultancy, cloud storage, courier services, telecommunications, information technology, payment, printing, billing, payroll, processing, technical services, training, market research, call centre, or security services, customer relationship management services, marketing and sales assistance, etc.	Legitimate Interests Basis
c. Business Partners, Investors Recipients and Purpose: any business partner, investor, assignee or transferee (actual or prospective) for the purpose of facilitating business asset transactions (which may extend to any merger, acquisition or asset sale) involving us	Legitimate Interests Basis
d. OSIM Global Network Recipients: our franchisees, distributors and other authorised resellers of our products and/or services Purpose: to allow members of the OSIM Global Network to use your personal data for the reasons and purposes listed above in the section titled “How we’ll use your information”.	Legitimate Interests Basis and/or Contractual Basis
e. Professional Advisors Recipients: our professional advisers such as auditors and lawyers in connection with legal claims, compliance, regulatory, and audit functions.	Legitimate Interests Basis
f. Regulatory Authorities, Law Enforcement Recipients: relevant government regulators, statutory boards or authorities or law enforcement agencies Purpose: the purpose of complying with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority.	Legal Obligation Basis
g. Social Sharing Features: Recipients and Purpose: When you use social sharing features and other related tools which allow you to share actions you take on our services or any data collected by your OSIM Smart Products with other apps, sites, or media (“Social Sharing Features”), we will share the data that you have chosen to share via the Social Sharing Features with the third party apps, sites or media that you permit us to share your data with. For example, you may choose to share screenshots of your in-App activity to other apps, sites or media through the screenshot sharing feature in OSIM mobile applications. Your use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the social sharing service. Please refer to the privacy policies of those social sharing services for more information about how they handle the data you provide to or share through them.	Legitimate Interests Basis
h. Parties Authorised By You Recipients and Purpose: any party to whom you authorise us to disclose your personal data to for the purposes that you have authorised to disclose your personal data for.	Consent Basis

How Long We Will Keep Your Information

OSIM will retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required by relevant laws.

If you have de-registered any account you have with us, we will delete the personal data associated with that account as soon as reasonably possible unless there is a valid legal or business purpose for the continued retention of such data whereupon the personal data shall be retained only for the duration of such valid legal or business purpose.

When we no longer need to use your personal data, we will remove it from our systems and records and/or take steps to anonymise it so that you can no longer be identified from it.

Transferring Your Information Overseas

Your personal data may be transferred to and processed in all countries where we have established a legal presence by our affiliates and our service providers.

List of Countries where your personal data may be transferred to and processed in: 1. Singapore 2. USA

We will take all steps that are reasonably necessary to ensure that your personal information is treated securely and in accordance with this Privacy Notice as well as applicable data protection laws, including, where relevant, by entering into EU standard contractual clauses (or equivalent measures) with the party outside the European Economic Area (available here).

Personal Data of Children

We do not knowingly collect personal data from children under 13, or equivalent minimum age depending on jurisdiction. If you become aware that a child has provided us with personal data without parental consent, please contact us at dpo@OSIM.com.sg.

If we learn that we have collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, without parental consent, we will take steps to delete the information as soon as possible.

Your Rights

If you are a resident in the European Economic Area, you have the following rights in relation to your personal data:

1. The right of access

You have the right to obtain the following from us confirmation that we are processing your personal data, a copy of your personal data that we are processing, and information about how we process it.

2. The right to rectification

You have the right to have inaccurate or incomplete personal data about you rectified.

3. The right to erasure

You have the right to request that we delete personal data that we process about you, except we are not obliged to do so if we are entitled or required to retain your personal data, for example, where we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.

4. The right to restrict processing

You have the right to restrict our processing of your personal data in the following circumstances:

• when you are contesting the accuracy of your personal data and we are verifying the accuracy of the data
• when our processing is unlawful and you want us to restrict processing of your personal data instead of erasing your personal data
• when we no longer need to process such data for a particular purpose but you need us to keep it in order to establish, exercise or defend a legal claim
• when you have objected to us processing personal data we hold on the basis of our legitimate interest and you wish us to stop processing your personal data whilst we determine whether there is an overriding interest in us retaining such personal data

5. The right to data portability

You have a right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal information which you have provided to us, and (b) if we are processing that data on the basis of your consent or to perform a contract with you.

6. The right to object

Right to Object to Direct Marketing

You have the right to object to us processing your personal data for direct marketing at any time. This includes any profiling of data that is related to direct marketing.

Right to Object to Processing Based on Legitimate Interest Justification

Where the legal justification for our processing of your personal information is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defence of a legal claim.

7. Withdrawing Consent

If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge. However, please note that OSIM may be unable to provide you with access to certain services as a result of your withdrawal of consent.

If you wish to withdraw your consent to our processing of your personal data, please contact OSIM's Data Protection Officer at dpo@OSIM.com.sg.

8. Access and Correction

You can make a request to exercise any of these rights in relation to your personal information by sending the request:

• by mail to 65 Ubi Avenue 1, OSIM Headquarters, Singapore 408939; or
• by email to dpo@OSIM.com.sg

If you believe that we have not complied with applicable data protection laws, you also have the right to lodge a complaint with the local data protection authority of the European Economic Area country where you live or work or where the alleged infringement of the GDPR occurred.