Thank you for your trust and support, we understand the importance of your personal information, we will take appropriate measures to protect your personal information. NOW, THEREFORE, Tiger, which includes Tiger Brokers (NZ) Ltd, Tiger Fintech (NZ) Ltd, Tiger Brokers (AU) Pty Ltd, Tiger Brokers (Singapore) Pte Ltd and other related companies (hereinafter “We/Tiger Brokers”) has instituted this Privacy Policy (hereinafter “this Policy/this Privacy Policy”) and hereby reminded you of:
Tiger Brokers has entered into or will enter into a Client Service Agreement with you for the relevant products or services provided to you (including services such as brokerage account opening and trading) and this Policy is part of the Client Service Agreement and applies to the products or services provided by Tiger Brokers.
This Policy has a close relationship with your use of our products and services. Please read this Policy carefully before using any of our products and services, and use the relevant products and services after you acknowledge that you fully understand and agree to this Policy. By starting to use any of our products or services, it represents that you fully understand and agree to this Policy and agree that we will collect, use, store, share and protect your related information in accordance with this Policy. Depending on the different use of the products and services and the different type of transactions, your personal information will be treated strictly in accordance with the Privacy Act and similar applicable laws of the relevant jurisdictions, including but not limited to:

• The Australian Privacy Principles in the Privacy Act 1988 and the Privacy Amendment (Enhancing Privacy Protection) Act 2012,
• The Privacy Act 2020 and Amendments and relevant Acts in New Zealand,
• The Personal Data Protection Act 2012 (PDPA) and relevant Acts in Singapore, and
• Personal Information Protection Law of the People's Republic of China and relevant laws and regulations.

If you have any questions about this Policy or related matters, please contact us through our customer service. 

This Policy will help you understand the following:
1. How we collect and use your personal information
2. How we use cookies and similar technologies
3. How we share, transfer and publicly disclose your information
4. How we protect your information
5. More rights or information of individuals covered by GDPR
6. Your rights
7. How we protect minors' information
8. How does your information move globally
9. How is this Policy updated
10. How to contact us.

1. How we collect and use your personal information
When you use our products and/or services, your personal information may be collected and used in the following two scenarios:
1.1 To provide you with the basic functions of our products and/or services, you must authorize us to collect and use the necessary information. If you refuse to provide such information, you will not be able to properly use our products and/or services;
1.2 Information you have chosen to authorize us to collect and use in order to provide you with additional functionality for our products and/or services. If you refuse to provide this information, you will not be able to use the related additional features or achieve the desired results, but it will not affect your normal use of the basic features of our products and/or services. 

You understand and agree that:
1.3 We are committed to developing a diverse range of products and services to meet your needs. We provide you with a large range of products and services and the scope of specific products/services can be chosen to be used by different users. Therefore, the basic/additional functions and the type and scope of personal information collected and used will vary accordingly. 

1.4 In order to bring you a better product and service experience, we continue to strive to improve our technology, with which we may launch new or optimized features from time to time, and may need to collect, use, or change the purpose or the way that personal information is used. In this regard, we will otherwise explain to you the purpose, scope and use of the relevant information by updating this Policy, pop-up window and webpage reminder and provide you with methods  to approve the same, and collect and use such information upon express consent from you. If you have any questions, comments or suggestions during such process, you may contact us by the contact information provided on our website and we will answer your questions as soon as possible. 
We will implement the following functions of this Policy to collect and use your personal information:

1.5 The information you offered when using our service
(1)Performance of anti-money laundering obligations and real-name system management in accordance with laws and regulations and regulatory provisions
When you apply for opening an account, you shall provide your identity information as required in accordance with laws, regulations and regulatory provisions, including name, nationality/country of legal residence, type/number of valid identity certificate, mobile phone number, email address, residential address information, date of birth, personal specimen signature, face identification information, tax information, the country of birth; if your permanent address is different from the ID address, you are required to separately provide documents to prove your residential address (for example, water and electricity bill/bank statement/driver license/housing property certificate/household register, etc. which contains address information). 
During the account opening process, when you perform face recognition and identity verification, you may need to enable the camera and album (photo album) permissions of the device. We will collect your facial features and valid identity documents and use them strictly within the scope of your authorization to safeguard the security of your account and transaction. If you do not want to provide the above information or refuse to open the above device permission, you may not be able to complete the account opening process  and will not be able to use the corresponding services and functions provided by us.

(2)Perform the "Know Your Client" assessment, client rating and risk rating evaluation in accordance with laws, regulations and regulatory provisions
According to the requirements of laws and regulations, at the time of opening your account, we need to assess and rate your investment appropriateness, and provide you with a risk rating assessment,  you must provide occupational status, asset information (scope of net current assets, scope of net assets, scope of total assets, and scope of net annual income) , investment objectives, and investment experience information (trading years and times of different varieties, and investment preferences). For retiree, you may be requested to provide information of your previous occupation. When you are employed or starting a business, you will need to provide detailed employment information, including company name, location and address, industry, and position. If you or your immediate family member is working with a regulator or listed company, you also need to fill in the name of the regulator, the stock code of the listed company and the name of the Exchange; when you are a student or homemaker, you only need to fill in the source of fund information. 

(3)Orders & Transactions
When you buy or sell securities, options or trade futures, on your own or by instructing us, you may need to provide us with the order type, the code, price and quantity, whether to trade through margin or short selling, the percentage of margin trading or short selling (if applicable), and/or time in force, and whether trading during pre-opening session and late trading session .
When you use the reminder function, you may need to enable the calendar permission of your device, and we will read/record the date of the company action you are following into the calendar according to your operation, to provide you with a timely reminder service.
When you open the fingerprint or face transaction verification function, you agree to authorize us to verify your fingerprint or face ID instead of verifying your transaction password for transaction security. You can also open the fingerprint or face verification function before entering the Trade page so that you can have a more secure experience.
If you do not wish to provide the above information or refuse to provide the above permissions, you will not be able to use the corresponding services and functions provided by us.

(4)Deposit/Withdrawal of Fund
When you deposit/withdraw funds from your account, based on risk control and anti-money laundering requirements, you need to provide your bank card account number, name of bank card holder (which must be consistent with the name of the securities account) and information about the amount of funds deposited/withdrawn. 

(5)Customer Service
To ensure the security of your account and system, you must provide us with the necessary personal information to verify your identity when you contact us or file a dispute or personal account application. 
For the convenience of contacting you and to help you resolve the problem as soon as possible or to record solutions and results of related problems, we may maintain records of your correspondence/telephone conversations with us and the relevant content (including account information, order information, other information you provide to substantiate the relevant facts, or contact information you left), and we will use your account information and order information if you make inquiries, complaints or suggestions with respect to a specific order. 
We may also use additional information about you, including the information you provided when contacting customer services and the replies you sent to us when you participated in the survey, to provide reasonable service and to improve the quality of service. 

1.6 To provide you with safety assurance
When you use our products and/or services, we may use or integrate your personal information and operation log information, including account status, login time, browsing history, watchlist, trading markets, trade symbol information, trading funds information, which also includes your IP address, browser type, language used, operating system version, date and time of access, network requests, etc. In this manner, we can comprehensively identify the risks to your account, conduct identity verification, detection and prevent security incidents, and take necessary recording, auditing, analysis and disposal measures according to the law.  Such instances of collection and use are also intended to improve the security of your use of our services, protect your personal information and property safety, or other users, or the public from being infringed upon, better prevent phishing sites, fraud, network vulnerabilities, computer viruses, network attacks and intrusions as well as other security risks, and more accurately identify violations of laws and regulations.

1.7 In accordance with relevant laws, regulations and national standards, we may collect and use your personal information in accordance with law without your authorization if the following circumstances apply:
（1）Directly relevant to the national security and national defense security;
（2）Relates directly to public security, public health or important public interest; and
（3）Those directly related to criminal investigation, prosecution, trial and execution of judgments;
（4）Your consent cannot be obtained in a timely manner for the purpose of protecting your or others’ material legitimate rights and interests such as life and property;
（5）The personal information collected is made public to the society by yourself;
（6）Collect your personal information from legally disclosed information, such as legal news reports, government information disclosure and other channels;
（7）It is necessary for the execution and performance of this Policy in accordance with your requirements;
（8）Necessary for maintaining the safe and stable operation of the Services provided, such as detection and handling of service failures;
（9）Required for lawful news reporting;
（10）Other circumstances stipulated by relevant laws and regulations. 

1.8 Rules for use of personal Information
(1)Please understand that the services we provide to you are constantly updated and evolving. If you choose to use other services that are not covered by the above instructions, we will inform you of the scope and purpose of the information collection through page prompts, interaction processes, and agreement, subject to your consent. We will use, store, provide external service and protect your information in accordance with this Policy and the corresponding client service agreement; if you choose not to provide the above information, you may be unable to use a certain service or part of the service, but your use of other services shall not be affected. 
(2)All personal information you provide when using our products and/or services, unless you have opted out of our collection through your system Settings, will be deemed to continue to authorize us to use it during your use of our products and/or services.
(3)We may keep statistics on the use of our products and/or services and may share these statistics with the public or third parties to demonstrate overall usage trends of our products and/or services. These statistics, however, do not contain any identifying information about you.
(4)We may use your account information and transaction information to conduct comprehensive statistics and analysis of your preferences, habits, account status and other information to form a user profile, which may be used to recommend or show you information about products and/or services that may be of interest to you, send you promotional information or display commercial advertisements via SMS, email, etc., or provide you with information consultation services or invite you to participate in customer research related to services, products or features in telephone follow-up.
For example, we will use your account opening information, including account opening time, account type, employer information, and send business notifications, user experience research, and provide guidelines, marketing and promotional information through the contact information you have provided (including but not limited to: cell phone number, e-mail, etc.). If you do not want to use this service, you can contact us directly through the contact information in Article 10 "How to contact us" to request us to stop providing the above information, and we will deal with it in a timely manner.

2. How we use cookies and similar technologies
2.1 Cookies
A cookie is a small text file created by a web site server and saved on a user's browser, and when a user visits a web site server, the web site can access cookie information. In addition to being used to identify users, cookies can also be used to store user information and track user access behavior. 
We do not use cookies to collect and track any information or behavior about a user, other than to verify the user's identity and login status. 
You can manage and delete cookies according to your preferences, and most browsers have the ability to disable or delete cookies from your system. Note that blocking cookies can cause some features on our website or system to not work or work effectively, which can affect your experience. 

2.2 Cookie homogeneity technology
In addition to cookies, we use Authorization or Web Beacon and other similar technologies on the web site.  Authorization is an HTTP protocol header that is passed behind the browser and the server of the Internet, instead of a cookie use .The Web Beacon can calculate who browses the web or access some cookies. We use Authorization to record your identity and collect information about your web browsing activities through the Web Beacon, such as Internet Protocol (IP) Address, Browser Type, Internet Service Provider (ISP), Visited Pages, Operating System, Date/Time Stamp, Click Data Stream, and so we can learn more about and improve our products and services. 

2.3 SDK technology
Our products and services will embed the third-party SDK and collect some information from you to ensure that you can use our services normally. Please refer to the Statement for using third-party SDK for details.
We will conduct strict security monitoring of APIs, SDKs and other SDKs and agree with authorizing partners on strict data protection measures to enable them to process personal information in accordance with our delegated purpose, service instructions, this Policy and any other relevant confidentiality and security measures. 

3. How we share, transfer and publicly disclose your information
3.1 Sharing
(1)Business Assistance
We undertake to keep your personal information strictly confidential. Unless otherwise required by laws, regulations and regulatory authorities, we will only share your information with a third party, including our affiliated companies, cooperative financial institutions and other partners, in the following circumstances. If we need to share your information with a third party in order to provide services to you, we will evaluate the legitimacy and necessity of the third party's collection of information. We will require third parties to protect your information and strictly comply with the relevant laws, regulations and regulatory requirements. In addition, we will obtain your consent in accordance with laws, regulations and national standards by way of confirmation agreement, copyright-confirmation in specific scenes, pop-up reminder and other means, or confirm that a third party has obtained your consent. 
A.Certain products or services may be provided by a third party or jointly by us and a third party. Therefore, in certain circumstances we may require to submit your identity information, contact information, professional information, asset information, investment information and order information to third parties (including liquidators and exchanges) in order to provide the products or services that you need;
B.With your prior consent, we will share your information with a third party to the extent permitted by laws and regulations and not against public order and good morals within the scope of your authorization. 

(2)Information validation
As required by laws and regulations, in order to effectively identify you, we will provide your name, date of birth, gender and ID number information to the third party authentication provider during the account opening process, so that we can identify you as a legitimate and valid customer, complete the account opening for you and provide follow-up services. 

(3)Supervisory Review
Relevant regulatory bodies, self-regulatory associations or competent organizations (including but not limited to various exchanges and governmental authorities) may request that we provide your  account and transaction information for purposes of supervision and inspection to confirm whether we have complied with our legal obligations. 

(4)Complaint Handling
If you make a complaint against us or another person or are complained against, to protect your and another person’s legitimate rights and interests, we may keep your name, contact information and content relevant to the complaint in the customer service system provided by a third party supplier and may provide the same to the consumer rights and interests protection department and regulatory authorities so that we may resolve complaints and disputes in a timely manner, except where such provision is expressly prohibited by laws and regulations. 

3.2 Transfer
We will not transfer your personal information to any company, organization or individual except in the following circumstances:
(1)Obtain your consent in advance;
(2)In accordance with laws, regulations or mandatory administrative or judicial requirements;
(3)Where the transfer of assets, acquisition, merger, reorganization or bankruptcy liquidation is involved, if the transfer of personal information is involved, we will inform you of the relevant situation, and require the new companies and organizations that hold your personal information to continue to be bound by this Policy. If the purpose for the use of personal information is changed, we will request the company or organization to obtain your consent. 

3.3 Disclosure to the public
We do not disclose your information in principle except for the desensitized display of the winner's mobile phone number or user nickname when announcing prize winners. If any public disclosure is required, we will obtain your consent by notifying you of the purpose of such public disclosure, the type of information to be disclosed and any sensitive information that may be involved. 

3.4 In accordance with relevant laws, regulations, policies and standards, we may share, transfer and publicly disclose your personal information in accordance with law without your consent in the following circumstances:
(1)Directly relevant to the national security and national defense security;
(2)Relates directly to public security, public health or important public interest; 
(3)Those directly related to criminal investigation, prosecution, trial and execution of judgments;
(4)Your consent is difficult to obtain for the purpose of protecting your or other individuals’ material legitimate rights and interests such as life and property;
(5)The personal information you disclose to the public by yourself;
(6)Personal information collected from legally and publicly disclosed information, such as legal news reports, government information disclosure and other channels. 
Please understand that, in accordance with applicable laws, if we take technical and other necessary measures to process personal information so that the data recipients cannot re-identify specific individuals and are unable to restore the same, you shall not be required to separately notify and obtain your consent for the sharing, transfer and public disclosure of such processed data. 

4. How we protect your information
4.1 We have taken reasonable and practical security measures in line with industry standards to protect your personal information against unauthorized access, public disclosure, use, modification, destruction or loss of data. We will take all reasonable and feasible measures to protect your personal information. We take physical, technical and administrative security measures to mitigate the risks of loss, misuse, unauthorized access, disclosure and alteration, including, but not limited to, transport-level data encryption, firewall and encrypted storage, physical access controls, and information access authorization controls. We've set up a security program to protect your information from unauthorized access. For example, you can communicate with all of our network communications and we ensure encryption is protected with encryption (SSL). Your personal information is encrypted and stored on our server with high strength encryption. We will use a trustworthy protection mechanism to prevent malicious attacks on personal information; we will deploy strict data access authority control and multiple identity authentication technologies to protect personal information and avoid illegal access and use of data. In the use of personal information, such as personal information presentation, personal information correlation calculation, we will use a variety of data desensitization techniques including content replacement, SHA256 to enhance personal information security. We strengthen the audit of personal information security by adopting automatic code security check and data access log analysis technology. 

4.2 We have an advanced data management system, which focuses on data life cycles, to improve the security of the whole system from organization construction, system design, personnel management, product technology and so on. For example, we have established data classification systems, data security management rules and security development rules to regulate the storage and use of personal information. We require all employees to sign a confidentiality agreement. We hold training courses on security and privacy, and strengthen employees' understanding of the importance of protecting personal information and conducts operations in strict accordance with protection requirements by such means as assessment and review as well as including data protection in their daily assessment. To further enhance security certification and services, we have passed the ISO27001 certification. 

4.3 If you are an EU user, under the GDPR terms, in addition to providing systematic personal data protection, our Security Department - Personal Information Protection Commissioner will act as Data Protection Officer (DPO) to be fully responsible for your data protection. 

4.4 We will take all reasonable and practical measures to avoid collecting unrelated personal information and will retain your personal information only for such periods of time as is necessary to achieve the purposes described in this Policy, unless an extension of the retention period is required or is permitted by law. 

4.5 Please understand that the Internet is not an absolutely secure environment. We strongly recommend that you use our products and services in a secure, sophisticated and reliable manner to help us secure your account. If you find that your personal information is leaked, especially if your account or password is leaked, please contact us immediately according to the contact information provided in this Policy so that we can take appropriate measures. 

4.6 In the event of a personal information security incident or we believe that there has been a privacy breach, we will identify the issue and take steps to minimize any harm. If we believe the breach has caused, or is likely to cause serious harm, we will contact our Security Department, the Personal Information Protection Commissioner. We will also inform you of the basic situation and possible impact of the incident, the measures we have taken or will take, the recommendations you can take to prevent and mitigate the risks, and the remedial measures you have taken. We will inform you by mail, letter, telephone or push notification. When it is difficult to inform each user one by one, we will take reasonable and effective way to publish announcements. At the same time, we will also report the disposal of information security incidents according to regulatory requirements. If you believe there has been a privacy breach, please contact us as soon as possible.

5. More rights or information of individuals covered by GDPR
If your personal information is established in the European Economic Area (‘EEA’), then with regard to personal information that is protected by the Common Data Protection Ordinance (‘GDPR’), you enjoy a range of legal rights with respect to the personal information that you retain at Tiger Brokers. Such rights include:
5.1 Obtain information about your personal information processing and access to your personal information retained in Tiger Brokers. Please note that in certain circumstances we have the right to deny access to copies of personal information, and in particular, information that is specifically protected by law and regulation. 

5.2 If your personal information is inaccurate or incomplete, you may request us to correct it, but if we require you to provide a copy of your valid identity document to prove the authenticity of your identity information, please cooperate. 

5.3 In some cases, you can ask us to delete your personal information. Please note that under certain circumstances (such as for public interest, public health or scientific and historical research purposes) we reserve the right to retain your personal information even if you request us to delete it. 

5.4 In some cases, you may refuse the processing of your personal information by us, and you may request us to limit the processing of your personal information. Similarly, in some cases, we have the right to reject your request even if you object or request us to limit the processing of your personal information. If there are other legal reasons, we also have the right to continue without your permission to use or deal with. 

According to the GDPR clause, in addition to providing systematic measures for the protection of personal data, we will also set up a Data Protection Officer (DPO) to take full charge of your data protection. 

We will evaluate all the requests and complaints we have received and provide you with timely responses. We may request that you provide copies of valid identification documents so that we may fulfill our security obligations and protect against unauthorized data disclosures. If your request for access to data is manifestly unfounded or extraordinary. 

For GDPR-protected personal information, we may be able to transfer your personal information outside the EEA for specific licensing purposes. We will ensure that any such international transmission is properly protected under GDPR or other relevant laws. 

6. Your Rights
In accordance with relevant laws, regulations and standards as well as common practices in other countries and regions, we guarantee that you exercise the following rights with respect to your personal information:
6.1 Access your personal information
(1)You have the right to access your personal information, subject to exceptions provided by laws and regulations;
(2)You can manage your account by logging on to the App homepage and entering Trade page. Click on "Trade - More - Account - Account Setting" to access and modify your ID information, Residential address, Job information, Asset information, and Tax information. 
(3)You can manage your transaction password by logging in to the App homepage and entering "Me" page. You can modify your transaction password by clicking on "Me - Security Settings - Change Password".
(4)You can login to our website homepage to enter the "My Account-Account Setting" page, access and modify your ID information, Residential address, Job information, Asset information, and Tax information.
(5)You can view your transactions on our website and in our apps;
(6)If you are unable to access the above information, you can contact the customer service, we will reply to your request within 20 working days;
(7)If you are an EU user, you will have the right to request that we access your personal data and transfer it to another data controller under the GDPR terms. 

6.2 Correct your personal information
You can correct or supplement your personal information in the way listed in Access to Your Personal Information. 
If you are unable to manage this personal information in this way, you can contact our customer service at any time. We will respond to your request for access within 20 working days. 

6.3 Delete your personal information
You can contact us through the contact information in "10. How to contact us" and request the deletion of your personal information, upon which we will delete your personal information in accordance with the applicable law.. You can request us to delete your personal information in the following cases:
(1)If we process your personal information in a manner contrary to the provisions of relevant law;
(2)If we collect and use your personal information without your consent;
(3)If we process personal information in serious violation of the terms of the agreement with you;
(4)If you no longer use any of our products or services, or you have actively closed an account;
(5)If we no longer provide any product or service to you;
(6)If you are an EU user, you are entitled to request us to delete your personal data according to GDPR terms. 
If we decide to respond to your request for deletion, we will also notify the entities that receive your personal information from us of the request to delete it in a timely manner, unless otherwise required by relevant law or regulation, or if they receive your separate authorization. When you remove information from our services, we may not immediately remove that information from the backup system, but we will remove it when we back up updates. 

6.4 Protect your personal information
You can protect your personal information by using a complex password without revealing your logon password or account information to anyone. Once you reveal your account number and password, it may have adverse consequences for you. If you find that your account and password have been leaked or will be leaked for any reason, please contact our customer service immediately so that we can take appropriate measures. But we are not responsible for this until we are aware of it and act within a reasonable period of time. 
We will not be liable for any loss of third party access to your personal information due to your failure to protect the confidentiality of your personal information. If you discover any unauthorized use or other security breaches, you must notify us immediately. Your assistance will help us to protect your personal information better. 

6.5 Change the scope of your authorized consent or revoke your authorization
You may change the scope of our continuous collection of personal information or revoke your authorization by deleting information, turning off the functions of the device or otherwise. You may also revoke our full authorization to continue to collect your personal information by canceling your account. 
You understand that each business function requires some basic personal information to complete. After you withdraw your consent or authorization, we cannot continue to provide you with the service for which you withdraw your consent or authorization, and we will no longer process your personal information. However, your decision to withdraw your consent or authorization will not affect the processing of personal information previously conducted based on your authorization. 

6.6 Cancel your account
You may apply for the cancellation of your account by:
(1)You can submit your account cancellation request in the "Help Center" - "Privacy Security" - "How to cancel your account" on the "Me" page. 
(2)Contact our customer service staff for assistance in applying to cancel your account. 
After you log out of your account, we will stop providing you with products or services, delete your personal information according to applicable laws, or make it anonymous. 

6.7 Constrained information system automatic decision
In some business functions, we may make decisions based solely on non-human automatic decision-making mechanisms such as information systems, algorithms, etc. If these decisions significantly affect your legitimate rights and interests, you have the right to request us to explain, we will also provide information without prejudice to our trade secrets or other rights and interests of users, social public interests. 

6.8 Respond to your request above
For security, you may be required to provide a written request or otherwise certify your identity. We may ask you to verify your identity before you process your request. We will give an answer within 20 working days. If you are not satisfied, you can also make a complaint through our customer service. For your reasonable request, we do not charge fees in principle, but for repeated, beyond the reasonable limit of the request, we may refuse or as appropriate charge a certain cost. In particular, we have the right to reject requests for information that is not directly related to your identity, information that is repetitive for no reason, or requests for which too much technical means are needed (for example, requests necessary to develop a new system or fundamentally change existing practices), which result in risks to the legitimate rights and interests of others or which are impractical. 
We shall have the right to reject your request in accordance with relevant laws and regulations in the following circumstances:
(1)Related to national security or national defense security;
(2)Related to public security, public health and major public interests;
(3)Related to criminal investigation, prosecution, trial and enforcement of judgments;
(4)There is sufficient evidence to prove that who has malicious intention or abuses his or her right;
(5)Response to your request will seriously impair the legitimate rights and interests of you or other individuals or organizations;
(6)Involving trade secrets. 

7.  How we protect minors' information
7.1 If you are a minor, according to the relevant laws and regulations, we will    refuse to provide certain services to you. 
7.2 If we find that you are a minor, we will refuse to provide you with certain services and delete your personal informationin accordance with the applicable law.

8.  How does your information move globally
The personal information collected and produced within the territory of relevant area will be stored within the location of the main entity of Tiger Brokers providing the service to you, except for the following circumstances:
8.1 The applicable laws have specific provisions; 
8.2 Obtain your explicit authorization; or
8.3 You obtain cross-border services directly through the Internet and commit other acts on your own initiative.
In particular, our contract with the recipient requires the recipient to protect your personal information in a way that, overall, provides comparable safeguards to those in this Policy for NZ entity or the applicable requirements in the Privacy Act 2000.
In response to the above, we will ensure adequate protection of your personal information under this Policy. 

9.  How is this Policy Updated
Our Privacy Policy may be updated and adjusted from time to time. 
Without your consent, we will not limit your rights under this Policy. We will show you the latest version of the Privacy Policy on a special page (e.g. Me → Settings → Privacy Policy). We will also provide even more significant notifications for major changes (including notifying you, sending emails to you or even providing you with pop-up tips). 
Material changes referred to in this Policy include but are not limited to:
9.1 Our service model has changed significantly. For example, the purpose of processing personal information, the type of personal information processed, the way to use personal information, etc.;
9.2 We have a significant change in control and other aspects, such as mergers and acquisitions caused by the information controller change;
9.3 Changes to the main objects of sharing, transfer or public disclosure of personal information;
9.4 There are significant changes in your right to participate in personal information processing and the way in which you exercise such right;
9.5 Changes in the department, contact information and complaint channel responsible for handling personal information security;
9.6 Personal information security impact assessment report shows that there is a high risk. 

10.  How to contact us
10.1 If you have any questions, comments or suggestions relating to this Policy or to your personal information or when you believe there has been a privacy breach, please contact online customer service by visiting the official website, send emails to service@ tigerbrokers.com or dial our customer service phone number 400-603-7555, etc. 
10.2 We have the Security Department, the Personal Information Protection Commissioner, which you can contact by sending an email to security@tigerbrokers.com. 
10.3 Under normal circumstances, we will reply to your comments within 20 working days after receiving them. If you are not satisfied with our reply, especially if you think that our personal information processing behavior has damaged your legitimate rights and interests, you can also complain or report to the relevant regulatory departments. 
10.4 Our Contact details in New Zealand: 
If you have any questions, feel that your privacy has been compromised in any way, or want to make a complaint, please contact the privacy and data protection officer:

• by email, at service@ tigerbrokers.com
• by letter at: Privacy and data protection officer, Level 27 151 Queen Street, Auckland Central, New Zealand, postcode 1010
  If you have been through our complaints and resolution process but are not satisfied, you can use one of these independent dispute resolution services:
  Office of the New Zealand Privacy Commissioner
• Online: privacy.org.nz (https://privacy.org.nz/)
• Phone: 0800 803 909
  (From overseas) +64 (0)4 47407590
• Email: enquiries@privacy.org.nz
  10.5 Our Contact details in Australia: 
• Office address: 2801/25 Bligh Street, Sydney, NSW, 2000
• Phone:+612 9169 6999
• Email: clientservice@tigerbrokers.com.au

Tiger Brokers (Singapore) Pte Ltd Privacy Supplement

This supplement is produced for Tiger Brokers (Singapore) Pte Ltd (“TBSPL”). At TBSPL, we understand that your privacy is important, and we endeavor to protect your personal information.

1. Purpose of Privacy Supplement

Tiger Singapore is bound by and acts in accordance with the Personal Data Protection Act 2012 (PDPA) and relevant Acts in Singapore (“Privacy Requirements”). As part of the Tiger Group, TBSPL collects and manages your personal information in accordance with group standards as well as with Privacy Requirements. Please read the Tiger Group’s Privacy Policy (“Policy”) in conjunction with this supplement. 

2. What information and how do we collect?

We collect your personal information when you register for an account with us or use our services or products. 
In addition to the personal information we collect from you during account opening, we may collect information about you from public registers, including government administered databases, or other information aggregating services when we assess your application for an account, or any of the products and services we offer.
As part of the account opening requirement, we may collect or verify your personal information via telephone. Your agreement to this supplement constitutes your acknowledgement and acceptance of such calls.

We generally do not collect your personal data unless:
(a)it is provided to us voluntarily by you directly or via a third party who has been duly authorized by you to disclose your personal data to us after (i) you (or your authorized representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorized representative) have provided your consent to the collection and usage of your personal data for those purposes, or
(b)collection and use of personal data without consent is permitted or required by the PDPA or other laws. TBSPL shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you in the Policy or this Supplement. (except where permitted or authorized by law).

3. What do we use your personal information for?

We may collect and use your personal data for any or all of the following purposes:
(a)performing obligations in the course of or in connection with our provision of the goods and/or services requested by you;
(b)verifying your identity;
(c)responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
(d)managing your relationship with us;
(e)processing payment or credit transactions;
(f)sending you marketing information about our goods or services including notifying you of our marketing events, initiatives and promotions, lucky draws, membership and rewards schemes and other promotions;
(g)complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
(h)any other purposes for which you have provided the information;
(i)transmitting to our affiliates or any unaffiliated third parties including TBSPL’s third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and
(j)any other incidental business purposes related to or in connection with the above.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).

4. Will your personal information be passed on to any third parties?

We may disclose your personal data:
(a)where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by you; 
(b)to third party service providers, agents and other organisations we have engaged to perform any of the functions listed in the purposes above for us.
(c)to affiliates within Tiger Brokers;
(d)to other financial services institutions or similar entities that we deal with as a result of the nature of our business or in relation to the products and services that you utilize (e.g. including third-party services or information providers accessible through our websites, sub-custodians or other third party brokers);
(e)to external services providers including consulting, legal, accounting or audit firms;
(f)to regulatory and government bodies in Singapore and in other countries;
(g)to professional firms engaged by us to match your personal information against government records; or,
(h)to other third parties as required by a court with jurisdiction.

5. Will you be able to withdraw your consent earlier provided to us?

Yes. The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
Upon receipt of your written request to withdraw your consent, we may require reasonable time for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we respond to your request within thirty (30) calendar days of receiving it.
Please note that depending on the nature and scope of your request, we may not be able to continue providing our products or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described above.

6. Can you access, update, correct your personal data which we hold about you? 

Yes. If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below. We will respond to your request as soon as reasonably possible. In general, we respond to your request within thirty (30) calendar days of receiving it.
Please note that a reasonable fee may be charged for an access request. If so, TBSPL will inform you of the fee before processing your request.

7. How do we protect your personal data?

As we outlined in the Policy, to safeguard your personal data, we have introduced appropriate administrative, physical and technical measures to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorized third party service providers and agents only on a need-to-know basis.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

8. How long do we retain your personal data?

We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

9. What else should you know about data protection?

In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below. 

10. Transfers of personal data outside of Singapore

We generally do not transfer your personal data to any other entities in the countries outside of Singapore. However, if we do so, typically in cases where provision of the products and/or services requested by you requires us to do so, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

11. Who to contact?

You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:
Data Protection Officer
Email address: dpo@tigerbrokers.com.sg
Contact number: +65 6950 0591 or +65 6331 2277

12. Effect of notice and changes to notice

We may revise Policy and this Supplement from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.