Personal Data Protection Statement

Lighthouse Canton Pte Ltd.("LCPL"), a regulated organization incorporated in the Republic of Singapore (Registration No: 201422117K).LCPL and its related/affiliate companies (including Lighthouse Canton Capital (DIFC) Pte Ltd, Lighthouse Canton UK Limited and LC Capital India) constitute LC Group (also referred to below as “we”, “our” and “us”). Each of the individual entity is considered a Data Controller in terms of General Data Protection Regulation (“GDPR”).For certain functions, one or more entities may together collect and use your personal data, in those conditions, they are collectively considered as Joint Controller in terms of GDPR.

Protection of your Personal Data is important to us. LC Group’s Privacy Policy outlines how we manage the Personal Data we collect, use and disclose. This Privacy Policy applies to all departments and business units across LC Group. LC Group is committed to complying with the Personal Data Protection Act 2012 (“PDPA”) and/ or applicable Data Protection laws. Please read this Privacy Policy so that you know and understand the purposes for which we collect, use and disclose your Personal Data.

Please note that LC Group provides several products and services, each with their own Personal Data processing needs, some of which are more extensive than others. The Personal Data we collect from you is limited to the specific products and services you have signed up for or subscribed or entered in agreement for, and therefore, some clauses in this privacy notice may not be applicable to you. This privacy notice applies to our website, online portal, mobile applications, feedback forms, and any other means through which we may collect your Personal Data(collectively referred to here as our “Platforms”).

1. Your Personal Data

1.1 “Personal Data” as defined in the PDPA means refers to any data or information about you from which you can be identified either (a) from that data; or (b) from that data and other information to which we have or are likely to have access. Examples of such Personal Data which you may provide us include, but is not limited to (depending on the nature of your interaction with us):

  • your name, NRIC number, passport number or other identification number, telephone number(s), mailing address, email addresses and any other information relating to you which you have provided us in any form you may have submitted to us (i.e. job application forms, etc.), or in our other forms of interaction with you;
  • information about your use of our websites and services, including cookies, IP addresses, email subscription and membership details (where applicable);
  • your Curriculum Vitae, employment history, testimonials and referrals, previous drawn income, education background, medical history and disabilities and legal and bankruptcy  history (if applicable); and
  • your payment related information, such as your bank account details (where applicable).

“Personal data” as defined in GDPR means any information relating to an identified or identifiable natural person(“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

 

As GDPR “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

 

LC Group adopts a pragmatic approach in our business conduct.

1.      What is the Legal Basis of processing your Personal Data:

LC Group processes Personal Data only when we have legal basis to do so and for what is required in business or in activities conducted by our organization. We do not process Personal Data randomly or indiscriminately without purpose. In all cases the legal basis will be either of the following:

 

1.1.  Consent

 

We may process your Personal Data based on your specific consent, including for sending tailored materials like service updates and promotions. You can withdraw this consent at any time by contacting us using the information provided below. Additionally, you can opt out of receiving marketing communications from us by using the Unsubscribe option provided in the marketing communication. It is important to note that if you withdraw your full consent, in certain cases, it could mean that we will not be able to provide parts or all our services.

 

1.2.  For performance of contract

 

When you procure any service from us, such as availing Wealth Management, Asset Management, Corporate Financing (also referred as Arranging deals in Investment) or any other service regardless of the terminology, we process your Personal Information to provide you with those services.

 

 

1.3.  Compliance with legal obligations

We are subject to several legal obligations and needs to use your Personal Data to comply with those obligations, including but not limited to for Client Due Diligence as per AML regulations, FATCA/ CRS reporting, responding to government requests and other requirements of  law enforcement agencies.

 

LC Group does not disclose your Personal Data unless prior consent has been obtained and we have administrative, physical and Information Technology (IT) security measures in place to protect your Personal Data. This does not affect any rights which LC Group may have at law in connection with the collection, use or disclosure of your Personal Data.

 

2. Collection of Personal Data

2.1 What type of personal data collected:

We may collect the following types of personal data about you, if you are:

  • An individual availing any service from us.
  • A representative of, or an individual directly or indirectly related to or associated with: (i) a company, business or organisation that is our client; or (ii) a person or a company, business or organisation that has a relationship with our client.

Personal data wecollect with respect to entity client relationships is primarily limited to theinformation on directors and officers, other employees, direct and indirectbeneficial owners and authorised persons we need to enable us to meet our duediligence obligations, signatory details and contact information of individualswe interact with to enable the provision of products and services to clients.

 

If you give ussomeone else’s personal data, you must have their permission and explain tothem how we’ll use it.

 

We may collect the following types of personal data about you, as relevant and allowed by law:

  • Identification data– information that identifies (uniquely or semi uniquely) you. For example, your name, your date of birth, your gender, your user login credentials, your photographs, video recordings of you and other identifiers, including official/government identifiers such as national identification number, passport number and tax identification number.
  • Contact data –information that allows addressing, sending or communicating a message to you.For example, your email address, your phone or mobile number and yourresidential or business address.
  • Professional data – information about your educational or professional background.
  • Behavioural data– analytics information that describes your behavioural characteristics relating to your use of our products and services. For example, usual transactional activities, browsing behaviour on our websites and how you interact as a user of our products and services, or those provided by third-party organisations, such as our advertising partners and social media platform providers.
  • Personal relationship data – information about associations or close connections between individuals or entities that can determine your identity. For example, spouse or employer relationships.
  • Communications data – information relating to you contained in voice, messaging, email, live chats and other communications we have with you. For example, service requests.
  • Financial and commercial data – your account and transaction information or information that identifies your financial position and background, status and history as necessary to provide relevant products and services. For example, your source of wealth, your source of funds, your financial history.
  • Biometric data–information that identifies you physically. For example, facial recognition information, your fingerprint or voice recognition information.
  • Health data–information relating to your health status. For example, disability information relevant to accessibility. 
  • Criminal convictions, proceedings or allegations data –information about criminal convictions or related information that we identify in relation to our financial crime prevention obligations, for example, details about any criminal convictions or related information. This includes details of offences or alleged offences or convictions.

We usually get your personal data directly from you, but we may also obtain your personal data from other sources as necessary, depending on the relevant products and services that we are providing, including from:

People you know - such as:

  • parents or guardians of minors. If you are a minor (normally this means if you are under 18 years old, but this might be younger depending on where you live). We will get your parent or guardian’s consent before collecting, using or sharing your personal data
  • Your joint account holders
  • Your referees; and
  • Other people you appoint to act on your behalf

Businesses and other organisations– such as:

 

  • Your employer and/or company, business or organisation you represent or is related to you
  • Other financial institutions and financial service providers
  • Strategic referral partners, including business alliance or other companies or organisations that we cooperate with based on our contractual arrangements to provide relevant third-party products and services
  • Service partners, such as advertising and market research companies and social media platform providers
  • Regulatory and other entities with authority over us, such as tax authorities, law enforcement or authorities imposing financial sanctions

 

Publicly available resources–such as online registers or directories or online publications, social media posts and other information that is publicly available.

Cookies– when you visit, browse, or use our websites, or mobile applications, we may use cookies to automatically collect certain information from your device. We may use such information, where relevant, for internal analysis and troubleshooting, to recognise you and remember your preferences, to improve the quality of and to personalise our content and to determine the security status of your account. For more information on how we use cookies and how you can control them when visiting our websites, please see our Cookie Policy.

2.2 How we collect your Personal Data:

  • when you submit soft or hard copy forms relating to any of our products and/or services;
  • when you register for or use any of our services on websites owned or operated by LC Group or when you register as a member of websites owned or operated by us;
  • when you interact with our employees and staff, including during face-to-face meetings or by way of the telephone;
  • When you enter into a contract with us or use or purchase our services and/or products;
  • When you establish any online accounts with us;
  • When you submit a request for us to contact you;
  • When you respond to our request to submit additional Personal Data;
  • When you subscribe or ask to be included in an email or other mailing list;
  • When you respond to our promotions and other marketing and publicity initiatives;
  • When you respond to our market surveys;
  • When you submit a job application or a scholarship application;
  • When we receive references from business partners and third parties;
  • When you submit your personal data to us for any other reason; and
  • When you browse our website. Please refer to the Cookie Policy for more information.

     

3. How do we use Personal Data and to whom may we disclose it?

3.1 We need to understand your needs to provide you with products and services that you require. To do this effectively, LC Group needs to collect certain Personal Data.

3.2 In general, LC Group may collect, use and disclose your Personal Data for the following purposes:

  • to provide you with the products and/or services that have been purchased or requested;
  • to help manage the delivery of and enhance our products and services, including analysing current customer needs and identifying potential future needs;
  • updating your records in our databases; monitoring and maintaining a copy of your record of previous transactions with LC Group;
  • to communicate and respond to your queries, requests and complaints;
  • to provide ongoing marketing and publicity information about our products and services and upcoming events which may be of interest to you;
  • to handle disputes and complaints and conduct and facilitate investigations and proceedings when required;
  • to protect and enforce LC Group’s  contractual and legal rights and obligations;
  • to prevent, detect and investigate crime, and to analyze and manage other commercial risks;
  • to manage the infrastructure and business operations of LC Group and to comply with other LC Group internal policies and procedures;
  • to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale) involving LC Group;
  • to comply with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities.

3.3 In addition, LC Group may collect, use and disclose your Personal Data for the following purposes, depending on the nature of our relationship with you:

If you have a customer account with us, are a prospective customer or a customer:

  • to process your application for a LC Group account;
  • to maintain and administer your LC Group account with us;
  • to verify your personal particulars and process payment requests in relation to provision of products and services, which you may be entitled to, or which you may have requested for;
  • to provide you with the products and services which you may have entered into a contract with LC Group for or purchased from LC Group;
  • to communicate changes and developments to LC Group's policies, terms and conditions and other administrative information, including for the purposes of servicing you in relation to products and services offered to you;
  • to send marketing and publicity emails which may of interest to you;
  • to resolve complaints and handle requests and enquiries;
  • to conduct market research for statistical, profiling, statistical analysis and planning for the improvement of LC Group’s products and services provided to you; and
  • to process your Personal Data in relation to any of the purposes stated above.

If you download or use any of our mobile or internet based applications (“apps”):

  • to process your application for subscription services if such services provided for in the apps;
  • to administer and maintain your account with us;
  • to verify and process your personal particulars and process payment requests in relation to provision of products and services connected to the app;
  • to provide you with the products and services which you have purchased or signed up for via the app;
    to communicate changes and developments to LC Group’s  policies, terms and conditions and other administrative information, including for the purposes of servicing you in relation to products and services offered to you;
  • to resolve complaints and handling requests and enquiries;
  • to conduct market research for statistical, profiling, statistical analysis and planning for the improvement of LC Group’s products and services provided to you; and
  • to process your Personal Data in relation to any of the purposes stated above.

If you are a prospective client:

  • to administer and conduct appropriate due diligence checks;
  • to prepare the relevant LC Group contract agreement and/or licence documentation and any other documents as may be required;
  • to administer the relevant contract agreements or licences;
  • to administer and perform financial transactions;
  • to resolve complaints and handling requests and enquiries;
  • to communicate changes and developments to LC Group’s policies, terms and conditions and other administrative information; and
  • any other purpose related to any of the above.

If you are a shareholder or unitholder of our funds (not applicable for LCIL):

  • to administer the relationship, including the verification of your identity and/or the identity of your proxy (as may be applicable);
  • to inform you of LC Group’s performance and the products and services that LC Group provides to our customers through the sending of circulars, reports, newsletters and communications;
  • to resolve complaints and handling requests and enquiries;
  • to communicate changes and developments to LC Group’s policies, terms and conditions and other administrative information; and
  • any other purpose relating to any of the above.

If you are a vendor, a prospective vendor or a contractor:

  • to evaluate your proposals for working with LC Group and to conduct relevant background checks on you;
  • to communicate with your deployed staff, after award of contract, who are in our properties to carry out work or services, and for any emergency or security concerns; and
  • any other purpose relating to any of the above.

If you submit an application to us as a candidate for employment:

  • to evaluate your suitability for employment with LC Group, including pre-recruitment checks and checking on provided references for more detailed background screening/vetting;
  • to organise training and staff development programs;
  • to maintain and manage employee relations, including annual performance assessments/appraisals;
  • to administer and manage benefits and payroll processing;
  • to provide you with the relevant/correct tools as required for you to do carry out your job responsibilities;
  • to administer benefits and payroll processing;
  • to communicate LC Group’s policies and processes, codes of conduct and standard operating procedures, including for business continuity purposes; and
  • any other purposes relating to the aforesaid.

3.4 When you apply for or hold a co-brand product which is offered jointly by LC Group and its co-brand partner (if any), LC Group may also collect, use and disclose your Personal Data with the co-brand partners for offering, marketing and promoting any products, services, offers or events which the co-brand partner thinks may be of interest to you.

3.5 In relation to particular products or services or during your interactions with LC Group, we may also notify or have specifically notified you of other purposes for which LC Group collects, uses or discloses your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.

3.6 Your Personal Data will be protected and kept confidential, but subject to the provisions of any applicable law, your Personal Data may, depending on the products or services concerned, be disclosed to the following third parties:

  • other divisions, business units or entities within the LC Group;
  • LC  Group’s joint venture/alliance partners;
  • agents, contractors, sub-contractors, third party service providers and specialist advisers contracted by LC Group to provide administrative, financial, research, operational or other services, such as telecommunications, information technology, payment, payroll, processing, training, market research, storage and archival;
  • insurers or insurance investigators and credit providers;
  • in the event of default or disputes, any debt collection agencies or dispute resolution centres;
  • any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale) involving the whole LC Group or entities within the LC Group;
  • LC Group’s professional advisors such as our auditors and lawyers;
  • relevant government regulators or authority or law enforcement agency to comply with any laws or rules and regulations imposed by any governmental authority;
  • anyone to whom we may transfer our rights and obligations;
  • banks, credit card companies and their respective service providers; and
  • any other party as may be consented to by you, as specified by that individual or in the applicable contract.

LC Group requires that third party organisations which handle or obtain Personal Data, such as service providers to LC Group, acknowledge the confidentiality and sensitivity of this personal data, undertake to respect any individual’s right to privacy and comply with the PDPA. LC Group also requires that these organisations use this information only for limited purposes which have been agreed upon and follow LC Group’s reasonable directions with respect to this information.

4.WHEN DO WE USE AUTOMATED DECISIONMAKING

 

We may use the personal data we collect to conduct data analytics, including profiling and behavioural analysis, to make quicker automated decisions in our business operations and to evaluate your personal characteristics to predict outcomes and risks. We require that rules followed by such automated systems are designed to make fair and objective decisions. We may use artificial intelligence and machine learning to help improve our communications and client experience, make our business operational processes safer and more efficient and enable us to provide faster responses and improve turnaround time. For example, we may use automated decision-making for the following:

  • Client digital onboarding processes– account opening approval processes usingelectronic Know-Your-Customer (eKYC) checks by verifying the authenticity of scanned identification documents and a photo through biometric facialrecognition and liveliness check
  • Risk management – monitoring of accounts and transactions to detect unusual activities to prevent fraud or money laundering, terrorism and other financial crimes.

For further information on your rights in relation to automated decisions that affect you, please refer to the ‘What are your personal data protection rights?’ section.

5. Keeping Your Personal Data Accurate and Up-To-Date

5.1 LC Group endeavors to ensure that Personal Data stored by us is accurate and up-to-date. LC Group also understands that Personal Data may change frequently, such as changes of address and other personal circumstances. As such, LC Group encourages you to contact the DPO at dpo@lighthouse-canton.com to update your Personal data. Incomplete or outdated Personal Data may result in our inability to provide you with products and services you have requested.

6. Use of cookies

6.1 The use of cookies on LC Group websites are governed by our Cookie Policy. The Cookie Policy may be updated from time to time and we encourage you to check back regularly for updates to the same.

6.2 By interacting with us on our websites, you acknowledge and consent to the terms of our Cookie Policy. Should you wish to disable the use of cookies, you may do so by changing the settings on your browser. However, you may not be able to enter or use certain part(s) of our websites.

7. Where the personal data is stored

7.1 We will safeguard the confidentiality of your Personal Data, whether you interact with us personally, by telephone or mail, over the Internet or through forms of other electronic media. We hold Personal Data in a combination of secure computer storage facilities and paper based files and other records and take steps to protect the Personal Data we hold from misuse, loss, unauthorized access, modification or disclosure. Where we no longer require any Personal Data that we hold, that Personal Data would be destroyed or have particulars or information which may identify individuals removed. Your Personal Data will only be disclosed for the express purpose of delivering the product or service requested and shall not be sold or disclosed to any other company for any other reason whatsoever without your consent. All electronic storage and transmission of personal data is secured and encrypted with appropriate security technologies. Although every reasonable effort has been made to ensure that all personal data will be so protected, LC Group cannot be responsible for any unauthorized use or misuse of such information and from risks which are inherent in all internet communications.


8. Where We transfer personal data

Your personal data may be processed, stored, shared, transferred or disclosed by us within the LC Group or with other third parties for the purposes described in this Data Protection Statement. We do this in order to operate effectively, efficiently and securely in facilitating transactions and providing products and services to our clients, to improve and support our processes and business operations and to comply with our legal and regulatory obligations. This may involve processing, storing, sharing, transferring or disclosing your personal data cross border to other jurisdictions.

 

Where recipients of your personal data are in jurisdictions that are overseas, and local laws may not have similar data protection laws as that of the jurisdiction where we are based, we will take all reasonable steps necessary to ensure that your personal data has an appropriate level of protection and safeguards to comply with applicable law.

 

We have put in place procedures to deal with relevant or material personal data breach, which we are aware of, and will notify the relevant parties if we are legally required to do so and if it is practicable to do so.

9. How long do we retain personal data

We will process and store your Personal Data, as long as it is necessary to fulfil the purpose for which it was collected, and to meet any legal, business, accounting or reporting requirements or subject to the requirements of  applicable  laws. When deleting your Personal Data, we will use reasonable and technically feasible methods, as mandated by relevant laws, to render the Personal Data impossible to recover or replicate, as stipulated by the applicable legal requirements.

10. What Are your personal data protection rights

We respect your personal data, and you have the following rights about how we use your information:

  1. The right to be informed - You have the right to know the details related to the processingof your Personal Data.
  2. The right to access - You have right to obtain confirmation on whether Personal Data concerning you is being processed. If personal data concerning you is being processed, you have the right to request us for a copy of your Personal Data. Where allowed by law, we may charge you a reasonable fee based on administrative costs.  
  3. The right to rectification - If your personal details have changed, or you believe we have incorrect or out-of-date information about you, you can ask us to update. 
  4. The right to object or restrict processing - You may object to the processing of your Personal Data in the following cases: 1) the accuracy of the personal data is contested by us,for a period enabling us to verify the accuracy of the personal data; 2) the processing is unlawful, but you do not want us to erase the personal data; 3)we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; 4)to request us not to subject you to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect, except where such processing is carried out based on legal basis mentioned above.
  5. The right to erasure - You have the right to request us to erase your Personal Data in cases where your Personal Data is no longer necessary for the purpose it was collected or processed, or if it was unlawfully processed. You may also exercise this right if you have withdrawn your consent to the processing of your Personal Data where consent was the legal basis for such processing, or where you object to the processing of your Personal Information.
  6.  The right to data portability - You have the right to receive the Personal Data concerning yourself in a structured, commonly used and machine-readable format.
  7. The right not to provide or change or withdraw consent – We may from time to time ask for your consent to process your personal data. You can choose not to provide such consent or let us know at any time if you change your mind about the consent already provided. However, we may not be able to provide our products and services or engage with you without certain personal data.
  8. The right to withdraw from direct marketing – You can withdraw your consent and tell us to stop sending you marketing emails or newsletter at any time.
  9. The right to lodge complaints with appropriate Authority - You have the right to lodge a complaint with the  appropriate Authority, which is the designated data protection authority responsible for overseeing compliance with data privacy regulations in your jurisdiction.

 

We will respond to requests to exercise your personal data rights in line with applicable law. We may ask you to verify your identity before processing your request. If you have any questions about your rights, please contact us using the details below.

11. Access Requests and Withdrawal of Consent

11.1 Please contact us via dpo@lighthouse-canton.com should you wish to have access to or withdraw the consent to collect and use your Personal Data.


Your email should identify yourself and state which Personal Data and information about its use and / or disclosure is requested. If you withdraw your consent to any or all purposes and depending on the nature of your request, LC Group may not be in a position to continue to provide our products or services to you.

12. Management and Security

12.1 We have appointed Data Protection Officers to oversee our management of your Personal Data in accordance with this Privacy Policy and the PDPA. LC Group trains our employees who handle Personal Data to respect the confidentiality and sensitivity of your Personal Data and views breaches of the PDPA very seriously.

12.2 We take the privacy and security of your personal data very seriously. To protect your data, we have put in place a range of appropriate technical, physical and organisational measures to safeguard and keep your personal data confidential, for example, by using contracts with appropriate confidentiality, data protection and security terms in our arrangements with third parties. LC Group has implemented information security and data privacy policies, including incident management and reporting procedures, rules and technical measures to protect personal data and to comply with legal and regulatory requirements. We train and require staff who access your personal data to comply with our data privacy and security standards. We require our service providers, or other third parties we engage with and to whom we disclose your personal data to implement similar confidentiality, data privacy and security standards and measures when they handle, access or process your personal data.

LCPL has a SOC 2 Type 2 certification. SOC 2 ensures that a company's systems and controls protect customer data by evaluating the security, availability, processing integrity, confidentiality, and privacy of the service organization's systems.

13.How to contact us

13.1 If you have any questions about this Policy or any complaints relating to your Personal Data, or you would like to obtain access and make corrections to your Personal Data records (for which we may charge a fee to cover the cost of verifying the application and locating, retrieving and copying any material requested), please contact the designated Data Protection Officers for the respective business units as follows:

Business Entity: LC Group
Name of Data Protection Officer (DPO):Sumeet Srivastava
Contact Number: +91 9535763353
Email Address: dpo@lighthouse-canton.com

14. Review of the Policy Statement

14.1 This Policy will be reviewed from time to time by LC Group. LC Group may also from time to time update this Privacy Statement to take account of new laws and technology, changes to our operations and practices and the changing business environment. If you are unsure whether you are reading the most current version, please contact us.

15. COOKIE POLICY

This Cookie Policy applies to any websites which are operated by or on behalf of LC Group (“Websites”).
By using and accessing our Websites, you are consenting to our use of cookies in accordance with this Cookie Policy. This Cookie Policy may be updated from time to time. Updates to the Cookie Policy will be posted on our Websites.


If you do not agree to our use of cookies as set out in this Cookie Policy you should disable the cookies associated with our Websites by changing your browser settings accordingly.


However, you may not be able to enter certain part(s) of the Websites, and some of the functions and services may not be able to function without cookies. This may also impact your user experience while on our Websites.

What are cookies?

Cookies are small files containing a string of characters that is sent to your computer when you visit our Websites.
Depending on the type of cookies, they may store user preferences and other information.

What do we use cookies for?

We use cookies to track information such as the number of users and their frequency of use, profiles of users and their preferred sites.
We use cookies to make the Websites easier to use and to better tailor our products and services to your interests and needs. Cookies may also be used to help speed up your future activities and experience on our Websites.
When you interact with us on our Websites, we may collect for the purposes of analysis statistical information from which individuals cannot be identified(“Aggregate Information”), such as number of users, their frequency of use, the number of page views (or page impressions) that occur on the Websites and common entry and exit points into and out of the Websites.
We use such statistical information to understand how people use our Websites and to help us improve their structure and contents. We cannot identify you personally from this information.