Nito Privacy Policy

Data Protection Notice

This Data Protection Notice (“Notice”), as amended from time to time, sets out the basis which Nito Pte. Ltd. (“we”, “us”, “our”, or “Nito”) may collect, use, disclose or otherwise process personal data of our customers in accordance with the Personal Data Protection Act (“PDPA”). Nito Pte. Ltd., a Singapore company, located at 160 Robinson Road, #14-04 Singapore 068914 is committed to protecting and respecting your privacy. This Notice applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose, or process personal data for our purposes.

This notice applies to information we collect whenever you use our (a) websites (any page on the nito.mn domain, including https://nito.mn) and (b) mobile application (any feature of the mobile application “Nito”) (collectively, the “Application”) or otherwise interact with us as described below. Please read the following thoroughly to comprehend our practices and views with regards to your personal data and how we will handle it.

We may make changes to this Notice occasionally. If we do make changes, we will inform you by updating the last revised date at the top of the notice. We may also provide additional notices to you (like sending an email to you or including a statement at the homepage of the Application). Please also do occasionally review our Data Protection Notice whenever you interact with us to be informed about the ways you can help protect your privacy and our information practices.

 

  1. Content

    By using the Application, you understand and agree that we are providing a platform for you to post text, graphics, photos or other materials (collectively referred to as "Content"), to the Application and to share Content publicly. Please be advised that other users may search for, see, use, or share any of your Content that you make publicly available through the Application, consistent with the terms and conditions of this Notice and our Terms of Use.

  2.  

  3. Personal Data

    1. As used in this Notice:

        customer” means a natural person who:

        • has contacted us through any means to find out more about our services, or
        • may, or has, entered into a contract with us for our services; and

        personal data” means data, whether true or not, about a customer who can be identified:

        • from that data; or
        • from that data and other information to which we have or are likely to have access.

    2. Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include:
        • Information you provide to us directly:  your username, password and entity related email address in connection with our registration process and the maintenance of your account with us which allows you to use the Application. Please be advised that we do not request or require that you provide us with your name, address, phone number or any additional identifying information in order to use the Application; 
        • Content: Potentially personally identifying information that you provide may also include the content and images you post, publish or transmit when using the Application; 
        • Information about your visit to the Application: including download errors, the full Uniform Resource Locator (URL), length of visits to the Application, and products added to your shopping cart; 
        • Technical information: including browser type and version, the Internet Protocol (IP) address used to connect your computer to the Internet, operating systems, platforms, time zone setting, and browser plug-in types and versions.
        • Cookies and other Tracking Technologies: We may use web beacons (tracking pixels), cookies, and other tracking technologies to collect information about you when you interact with our emails or the Application, including information about your browsing behavior on the Application. We use this information to make improvements to the Application and your experience, to observe features and areas of the Application that are more popular, understand the effectiveness of campaigns, count visits, and determine whether an email sent by us was opened and if hyperlinks contained in the email was clicked. 
        • Analytics information. We may use third-party analytics tools to help us measure traffic and usage trends for the Application. These tools collect information sent by your device or the Application, including the pages you visit, sections of the Application that users visit, the posts that users view, user comments, poll results, aggregate user location statistical data, duration of use and other statistical data that assists us in continuously improving the Application. We collect and utilize this analytics information in the aggregate as it pertains to all of our users. As such, the analytics information that we collect cannot reasonably be used to identify any particular individual user.
        • Information from Third Parties. We may be provided with entity email addresses from third parties for purposes of verifying that a user continues to be affiliated with an entity or is affiliated with an entity.

    3. Other terms used in this Notice shall have the meanings given to them in the PDPA (where the context so permits).

     

  4. Collection, Use, Disclosure of Personal Data

    1. We generally do not collect your personal data unless:
      • it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after:
        • you (or your authorised representative) have been notified of the purposes for which the data is collected; and 
        • you (or your authorised representative) have provided written consent to the collection, use and/or disclosure of your personal data for those purposes, or
      • collection, use and/or disclosure of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting, using and/or disclosing any additional personal data for a purpose which has not been notified to you (except where permitted or authorised by law).

    2. Purpose: In addition to some of the specific uses of information we describe in this Notice, we may collect, use and/or disclose your personal data for any or all of the following purposes:
      • performing obligations in the course of or in connection with our services requested by you;
      • developing and testing new products and features; 
      • diagnosing or fixing technology problems; 
      • for internal operations, including troubleshooting, data analysis, and research; 
      • displaying, sharing or publishing any Content you have submitted in connection with the Application; 
      • creating statistical data and poll results that do not identify you individually which we can commercialise, based on aggregate trends and usage statistics; 
      • providing advertising based on non-personally identifiable information shared with third party advertisers; 
      • verifying that a user continues to be affiliated with an entity or is affiliated with an entity;
      • responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
      • processing payment or credit transactions;
      • complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
      • any other reasonable purposes for which you have provided the information;
      • transmitting to any unaffiliated third parties including our third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and
      • any other incidental business purposes related to or in connection with the above.

    3. We may disclose your personal data:
      • where such disclosure is required for performing obligations in the course of or in connection with our services requested by you;
      • to third party service providers, agents and other organisations we have engaged to perform any of the functions listed in clause 3.2 above for us with;
      • to respond to a request for information if we believe disclosure is in alignment with any applicable regulation, law, or legal process, or as otherwise required by any applicable rule, law, or regulation;
      • in connection with, or during negotiations of, any sale, merger of company assets, acquisition or financing of a portion or all of our business to another company or individual;
      • if we believe that your actions are not consistent with our user policies and agreements, or to protect the property, safety, and rights of us or any third party;
      • with consultants, vendors, and other service providers who require access to such information to do work on our behalf
      • at your direction or with your consent; and/or
      • we may also share de-identified or aggregated information, which cannot reasonably be used to identify you.

    4. The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
  5.  

  6. Withdrawing your consent

    1. The consent that you provide for the collection, use and/or disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.

    2. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.

    3. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause 4.1 above.

    4. Please note that withdrawing consent does not affect our right to continue to collect, use and/or disclose personal data where such collection, use and/or disclose without consent is permitted or required under applicable laws.
  7.  

  8. Access to and Correction of Personal Data

    1. If you wish to make:
      • an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data; or
      • a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.

    2. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

    3. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
  9.  

  10. Protection of Personal Data

    1. To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis.

    2. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
  11.  

  12. Accuracy of Personal Data

    1. We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.
  13.  

  14. Retention of Personal Data

    1. We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

    2. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
  15.  

  16. Data Protection Officer 

    1. You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:
    2. DPO Name: Tsengel Chimeddorj

      Email Address: tsengel@irbis.sg

  17.  

  18. Effect of Notice and Changes to Notice

    1. This Notice applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and/or disclosure of your personal data by us.

    2. We may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.