Privacy Policy

Privacy Policy

Last Updated: October 2023

INTRODUCTION

Protection of your personal data is important to us. This Privacy Policy outlines how we manage the personal data that we hold. Marco Global Payroll Pte. Ltd. (referred to as “Marco”, “we”, “us”, or “our”) respects the confidentiality of personal data and privacy of individuals and are committed to complying with the Singapore Personal Data Protection Act 2012 (“PDPA”) and other applicable data protection laws, including the European Union (“EU”) General Data Protection Regulation (“GDPR”), where applicable.

BY ACCESSING THIS SITE, UTILISING THE WEB OFFERING OR REQUESTING INFORMATION THROUGH OUR SITE, YOU AFFIRM THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY, INCLUDING OUR TERMS OF SERVICE AT https://marcopayroll.com/terms-of-use. IF YOU DO NOT AGREE TO OUR PRIVACY POLICY, PLEASE DISCONTINUE YOUR USE IMMEDIATELY. YOUR CONTINUED USE OF THIS SITE (WHETHER NOW OR IN FUTURE) MEANS THAT YOU HAVE AGREED TO OUR PRIVACY POLICY.

Please read this Privacy Policy so that you know and understand the purposes for which we collect, use and disclose your personal data.

QUESTIONS ABOUT THIS PRIVACY POLICY

If, at any time, you have any queries on this Privacy Policy or any other queries in relation to how we manage, protect and/or process your personal data, please do not hesitate to contact us and you may find our contact information at the end of this Privacy Policy. Please indicate in the subject header what the nature of your query is (e.g. if it is relating to an access request, you may insert the words “Data Subject Access Request” in the subject header).

WHAT PERSONAL DATA DOES MARCO COLLECT ABOUT YOU?

Personal data is any data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which we have or is likely to have access.

Examples of such personal data which you may provide us include (depending on the nature of your interaction with us) your name, national identification number, passport number or other identification number, driver’s license, telephone number, mailing address, email address, IP address, photograph, curriculum vitae, and any other information relating to you which you have provided us in any form you may have submitted to us, or in other forms of interaction with you.

HOW DOES MARCO COLLECT YOUR PERSONAL DATA

Generally, we collect your personal data in the following ways:

  • When you submit forms relating to our services, or otherwise contact us in relation to our services;
  • When you register for or use any of our services on websites, platforms and apps owned or operated by us or when you register on any of our websites, platforms, and apps owned or operated by us;
  • When you use or purchase our services;
  • When you establish any online account with us;
  • When you request that we contact you;
  • When you respond to our request for additional personal data;
  • When you ask to be included in an email or other mailing list;
  • When you respond to our promotions or other initiatives;
  • When you submit a job application;
  • When we receive references from business partners and third parties, for example, where you have been referred by them;
  • When you submit your personal data to us for any other reason; and
  • When you browse our websites.

We may monitor or record phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation, and identity verification purposes, and while receiving feedback, responding to your queries, requests and complaints and other related purposes. Such monitoring or recording will be done in accordance with the applicable law.

Your personal data may also be collected, used and/or disclosed if we have assessed that to do so would be in our legitimate interests and/or for business improvement purposes. Legitimate interests include protecting against physical and cyber security risks, and ensuring business continuity, and business improvement purposes include improvement or enhancement of any goods or services, or methods or processes for operations and for learning about and understanding customers’ behavior and preferences. Before doing so, we will take steps to ensure that any adverse effects that might arise for you have already been identified and eliminated, reduced or mitigated.

We may receive personal data about you from other sources (for example, when you authorize a third party service to interact direct with our websites, platforms, apps or services to provide or receive personalized information about you).

When you visit our Website, our servers automatically record information that your browser typically sends whenever you visit any other website. This information may include your Internet Protocol address, browser type, the web page you were visiting before you came to our website and information you search for on our website. Like many websites, we also use “cookies” and other technologies to collect information. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions of our website or all functionality of our Services. For more information about our use of cookies and other technologies, see “Cookies Policy”.

Marco does not knowingly collect or solicit personal information from anyone under the age of 16. Children under 16 years old are not the target audience for our Website. If you are under 16, please do not give us any Personal Information. We encourage parents and legal guardians to monitor their children’s internet usage.

WHAT DOES MARCO USE YOUR PERSONAL DATA FOR?

We may collect, use and/or disclose your personal data, where permitted by applicable data protection laws, for the following purposes:

  1. Provision of our products and services which includes managing our relationship with you or your business, communicating with you about our products and services, registering to become a user of our websites, mobile applications or platforms, applying for a job; and contacting us for partnership, supplier, or other business opportunities.
  2. Marketing and events-related communications which includes communicating with you through any means (including by email, telephone, text message, social media, post or in person) news and analysis that we believe may be of interest to you, subject always to obtaining your prior opt-in consent to the extent required under applicable law, informing you about changes to our services, websites, platforms and apps, and their functionality, providing you with information about other products and services we offer, keeping you informed about industry developments, maintaining and updating your contact information where appropriate, and inviting you to participate in events or surveys, or otherwise communicating with you for marketing purposes with the consent or other legal requirements of applicable data protection laws.
  3. Improving our business including improving our business including testing new products and services and developing new ways to meet our users’ needs, identifying issues with our products, services, websites, platforms and apps, and conducting research and planning improvements to our products, services, websites, platforms and apps, and creating new products, services, websites, platforms and apps.
  4. Managing our operations including the provision of information of employment or independent contractor/freelancing opportunities, onboarding of prospective employees or independent contractors/freelancers, management of employees after having commenced employment, questionnaires and other such measures, to improve recruitment activities of Marco, vendors, and their clients in general, business execution including entering into of agreements with customers, suppliers and managing relationship with such parties, making and managing payments on behalf of customers, employees or independent contractors/freelancers, managing fees (if any) and charges due (if any) on user accounts, provision of information to related companies and/or affiliates of Marco, communicating to our customers, investors, prospective and existing employees; and for any purpose connected with your agreement(s) with us, including the maintenance of a central database of customers.
  5. Compliance checks including fulfilling our regulatory compliance obligations, ‘Know Your Client’ checks, confirming and verifying your identity, use of credit reference agencies, and screening against government and/or law enforcement agency sanctions lists and other legal restrictions.
  6. Management of IT systems including management and operation of our communications, IT and security systems, audits (including security audits) and monitoring of such systems.
  7. Health and safety which includes health and safety assessments and record keeping, providing a safe and secure environment at our premises, and compliance with related legal obligations.
  8. Security which includes physical security of our premises (including records of visits to our premises), and CCTV recordings; and electronic security (including login records and access details).
  9. Financial Management which includes sales; finance; corporate audit; and vendor management, and handling customer and vendor orders and billing.
  10. Investigations which includes detecting, investigating and preventing breaches of policy, and criminal offences, in accordance with applicable law.
  11. Legal Proceedings which includes establishing, exercising and defending legal rights.
  12. Legal Compliance such as compliance with our legal and regulatory obligations under applicable law.
  13. Fraud Prevention such as detecting, preventing and investigating fraud.

(collectively, the “Purposes”)

We do so to provide you with the service you requested, and where appropriate with your consent or based on our legitimate interest to carry out our business operations.

As the purpose for which we may/will collect, use, disclose or process your personal data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of your personal data without your consent is permitted by applicable laws.

In order to conduct our business operations more smoothly, we may also be disclosing the personal data you have provided to us to our third party service providers, agents and/or our affiliates or related corporations, and/or other third parties whether sited in Singapore or outside of Singapore, for one or more of the above-stated Purposes. Such third party service providers, agents, and/or affiliates or related corporations and/or other third parties would be processing your personal data either on our behalf or otherwise, for one or more of the above-stated Purposes.

WHO DOES MARCO SHARE YOUR PERSONAL DATA WITH?

For us to offer our products and services to you, we may have to disclose your personal data to third parties in order for them to process it on our behalf. This may include the following categories of recipients:

  1. Our service providers – for example, service providers in charge of storing and analyzing data, providing customer service, advertising, and payment processing;
  2. Our agents – who may be delivering parts of our products and services on our behalf;
  3. Our related companies – who may be delivering parts of our products or services on our behalf; and
  4. Other third-party service providers – whose services or applications we may make available for your use on our products and services.

Marco may also share your personal information with other participants in our sales and marketing chain such as integrators, order fulfillers, sales agents and channel partners, for the limited purposes of selling, marketing or providing support for Marco products and services.

Marco may analyze anonymous and aggregate information in order to operate, maintain, manage, and improve the website, and/or related products and services. This aggregate information does not identify you personally. We may share this aggregate data to our subsidiaries, affiliates, agents, business partners and other third parties. We may also disclose aggregated user statistics in order to describe the services and other products to current and prospective business partners and to other third parties for other lawful purposes.

As we continue to develop our business, we might sell or buy other businesses or assets which include any business asset transactions. “Business Asset Transaction” means the purchase, sale, lease, merger or amalgamation or any other acquisition, disposal or financing of an organization or a portion of an organization or of any of the business or assets of an organization. In such transactions, we may disclose your personal data to a third party without first obtaining your consent under applicable data protection laws.

We may disclose any of the personal data we collect to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims, or government inquiries, and to protect and defend the rights, interests, safety, and security to Marco, our affiliates, users, or the public. We may also share any of the personal data we collect to enforce any terms applicable to the use of our products and/or services, to exercise or defend any legal claims, and comply with any applicable law.

Where we are required to transfer your personal data outside of Singapore, we shall take such steps to ensure that the receiving organization is bound by legally enforceable obligations such as:

  1. Where the receiving party is an associated or affiliated organization or related organization, a set of binding corporate rules; and
  2. Where the receiving party is an unrelated third party; a contract or written agreement,

to provide a standard of protection to the personal data so transferred that is comparable to the standard of protection afforded under the PDPA or applicable data protection laws.

We respect the confidentiality of the personal data you have provided to us. In that regard, we will only disclose your personal data to third parties where we are allowed to do so under applicable data protection laws. More specifically, we will not disclose your personal data to any third parties without your prior consent to do so, unless such disclosure is sanctioned under the PDPA exemptions.

When sharing your personal data with third parties, we will employ our best efforts to ensure that appropriate safeguards are in place to protect the security and confidentiality of your personal data when in the hands of such third parties.

REQUESTS FOR ACCESS, CORRECTION AND/OR PORTING OF PERSONAL DATA

You may request to access, correct and/or port the personal data currently in our possession, or object to the collection, use and/or disclosure of your personal data in our possession or under our control, at any time by submitting your request to our Data Protection Officer.

For a request to access personal data, we will provide you with a copy of the relevant personal data within a reasonable amount of time from when the request is made.

For a request to correct personal data, we will process your request as soon as practicable after the request has been made. Such correction may involve necessary verification, which may include sending the corrected personal data to other organizations to which the personal data was disclosed by Marco within a year before the date the correction was made (unless that other organization does not need the corrected personal data for any legal or business purpose), or if you so consent, only to specific organizations to which the personal data was disclosed by us within a year before the date the correction was made.

For a request to port personal data, once we have sufficient information from you to deal with the request, we will seek to port your personal data within 30 calendar days. Where we are unable to do so within the said 30 calendar days, we will notify you of the soonest practicable time within which we can carry out the data porting.

You will not have to pay a fee to access your Personal Information (or to exercise any of the other rights). However, we may charge a reasonable fee for the handling and processing of your requests to access, correct and/or port your personal data if your request is unfounded or excessive. You will be notified in advance of such costs. Alternatively, we may refuse to comply with such unfounded or excessive requests under such circumstances.

For a request to object to the processing of your personal data by us, we will process your request within a reasonable time from when the request is made. Such requests may adversely impact your relationship with us or the quality of the services we deliver to you. We will notify you in advance of such impacts.

HOW DOES MARCO PROTECT YOUR PERSONAL DATA?

We will take precautions and preventive measures to ensure that your personal data is adequately protected and secured in accordance with data protection laws. Appropriate security arrangements will be made to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration to or of your personal data.

We will also make reasonable efforts to ensure that the personal data in our possession or under our control is destroyed and/or anonymized as soon as it is reasonable to assume that (a) the purpose for which that personal data was collected is no longer being served by the retention of such personal data; and (b) retention is no longer necessary for any other legal or business purposes.

PERSON LOCATED INSIDE THE EUROPEAN ECONOMIC AREA (“EEA”) AND THE UK

If you are located inside the EEA or the UK, the provisions set out in Appendix 1 will also apply to your personal data.

UPDATES TO THIS PRIVACY POLICY

As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time.

We may amend the terms of this Privacy Policy at our absolute discretion. Any amended policy will be posted on our website or platforms, and once posted the amended policy shall be effective immediately. We will notify you if we make any significant changes to this Privacy Policy where required to do so under applicable laws. However, you are advised to visit this page regularly for the latest information on our privacy practices.

Contact Information

Marco Payroll Global Pte. Ltd

Attn: Legal Department
8 Marina Boulevard
MBFC Tower 1, #11-01
Singapore 018981

privacy@marcopayroll.com

APPENDIX 1

(Additional provisions applicable to individuals located inside the European Economic Area and the UK)

The following provisions apply to your personal data if you are located inside the European Economic Area (“EEA”) and the UK. These apply in addition to the rest of this Privacy Policy.

In the event of any conflict between this Appendix 1 and the rest of this Privacy Policy, the provisions contained in this Appendix 1 will prevail.

WHAT IS MARCO LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA?

We will always process your personal data in accordance with data protection laws, and will only process it where it has a legal justification to do so. The table below provides some details of the lawful bases we rely on to collect and use your personal data.

PurposesLegal Basis for processing
(a) Provision of our products and services

(i) Managing our relationship with you or your business;

(ii) Communicating with you about our products and services;

(iii) Registering to become a user of our websites, mobile applications or platforms;

(iv) Applying for a job; and

(v) Contacting us for partnership, supplier, or other business opportunities.
• The processing is necessary in connection with any contract that you have entered into with us, or to take steps prior to entering into a contract with us;

• We have a legitimate interest in carrying out the processing for the purpose of providing our products and services; or

• We have obtained your prior consent to the processing (this legal basis is only used in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way).
(b) Marketing and events-related communications

(i) Communicating with you through any means (including by email, telephone, text message, social media, post or in person) news and analysis that we believe may be of interest to you, subject always to obtaining your prior opt-in consent to the extent required under applicable law;

(ii) Informing you about changes to our services, websites, platforms and apps, and their functionality;

(iii) Providing you with information about other products and services we offer;

(iv) Keeping you informed about industry developments;

(vi) Maintaining and updating your contact information where appropriate; and

(vii) Inviting you to participate in events or surveys, or otherwise communicating with you for marketing purposes with the consent or other legal requirements of applicable data protection laws.
• The processing is necessary in connection with any contract that you have entered into with us, or to take steps prior to entering into a contract with us;

• We have a legitimate interest in carrying out the processing for the purpose of contacting you, subject always to compliance with applicable law; or

• We have obtained your prior consent to the processing (this legal basis is only used in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way).
(c) Improving our business

(i) Improving our business including testing new products and services and developing new ways to meet our users’ needs;

(ii) Identifying issues with our products, services, websites, platforms and apps.

(iii) Conducting research and planning improvements to our products, services, websites, platforms and apps, and creating new products, services, websites, platforms and apps.
• We have a legitimate interest in carrying out the processing for the purpose of providing our products and services; or

• We have obtained your prior consent to the processing (this legal basis is only used in relation to the processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way).
(d) Managing our operations

(i) Provision of information of employment or independent contractor/freelancing opportunities;

(ii) Onboarding of prospective employees or independent contractors/freelancers;

(iii) Management of employees after having commenced employment;

(iv) Questionnaires and other such measures, to improve recruitment activities of Marco, vendors, and their clients in general;

(v) Business execution including entering into of agreements with customers, suppliers and managing relationship with such parties;

(vi) Making and managing payments on behalf of customers, employees or independent contractors/freelancers;

(vii) Managing fees (if any) and charges due (if any) on user accounts

(viii) Provision of information to related companies and/or affiliates of Marco;

(ix) Communicating to our customers, investors, prospective and existing employees; and

(x) For any purpose connected with your agreement(s) with us, including the maintenance of a central database of customers.
• The processing is necessary in connection with any contract that you have entered into with us, or to take steps prior to entering into a contract with us.

• We have a legitimate interest in carrying out the processing for the purpose of providing our products and services; or

• We have obtained your prior consent to the processing (this legal basis is only used in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way).
(e) Compliance checks

(i) Fulfilling our regulatory compliance obligations;

(ii) ‘Know Your Client’ checks;

(iii) Confirming and verifying your identity;

(iv) Use of credit reference agencies; and

(v) Screening against government and/or law enforcement agency sanctions lists and other legal restrictions.
• The processing is necessary for compliance with a legal obligation;

• The processing is necessary in connection with any contract that you have entered into with us, or to take steps prior to entering into a contract with us;

• We have a legitimate interest in carrying out the processing for the purpose of fulfilling our regulatory and compliance obligations.
(f) Management of IT systems

(i) management and operation of our communications, IT and security systems;

(ii) audits (including security audits) and monitoring of such systems
• The processing is necessary for compliance with a legal obligation; or

• We have a legitimate interest in carrying out the processing for the purpose of managing and maintaining our communications and IT systems.
(g) Health and safety

(i) health and safety assessments and record keeping;

(ii) providing a safe and secure environment at our premises; and

(iii) compliance with related legal obligations.
• The processing is necessary for compliance with a legal obligation; or

• The processing is necessary to protect the vital interests of any individual.
(h) Security

(i) physical security of our premises (including records of visits to our premises); and

(ii) CCTV recordings; and electronic security (including login records and access details).
• The processing is necessary for compliance with a legal obligation; or

• We have a legitimate interest in carrying out the processing for the purpose of ensuring the physical and electronic security of our business and our premises
(i) Financial Management

(i) sales; finance; corporate audit; and vendor management; and

(ii) handling customer and vendor orders and billing.
• We have a legitimate interest in carrying out the processing for the purpose of managing and operating the financial affairs of our business; or

• We have obtained your prior consent to the processing (this legal basis is only used in relation to the processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way).
(j) Investigations

Detecting, investigating and preventing breaches of policy, and criminal offences, in accordance with applicable law.
• The processing is necessary for compliance with a legal obligation; or

• We have a legitimate interest in carrying out the processing for the purpose of detecting, and protecting against, breaches of our policies and applicable laws
(k) Legal Proceedings Establishing,

Exercising and defending legal rights.
• The processing is necessary for compliance with a legal obligation; or

• We have a legitimate interest in carrying out the processing for the purpose of establishing, exercising or defending our legal rights.
(l) Legal Compliance

Compliance with our legal and regulatory obligations under applicable law.
• The processing is necessary for compliance with a legal obligation.
(m) Fraud Prevention

Detecting, preventing and investigating fraud.
• The processing is necessary for compliance with a legal obligation (especially in respect of applicable employment law); or

• We have a legitimate interest in carrying out the processing for the purpose of detecting and protecting against fraud.

WILL YOUR PERSONAL DATA BE TRANSFERRED OUTSIDE OF THE EEA OR THE UK?

As Marco is located in Singapore, your personal data will be transferred and processed outside of the EEA or the UK as the case may be.

Where we transfer your personal data from within the EEA or the UK as the case may be to a country outside the EEA or the UK as the case may be, we ensure that adequate safeguards are in place to offer equivalent protection as your personal data would receive within the EEA or the UK as the case may be and in compliance with applicable data protection laws.

You may contact us to find out more about the safeguards we have in place for transfers outside the EEA or the UK as the case may be.

HOW LONG DOES MARCO KEEP YOUR PERSONAL DATA FOR?

Personal data that we collect will be retained only for as long as is necessary in connection with the purposes refer to in Section 1 of this appendix or with the purposes described in this Privacy Policy, and in accordance with Marco’s retention policies, or to comply with our legal obligations with applicable laws and regulations.

When determining the relevant retention periods for your personal data, we will take a number of factors into account, including our contractual obligations and rights in relation to the personal data involved, our legal obligations under applicable laws to retain data for a certain period of time, our legitimate interests, statute of limitations under applicable laws, potential disputes, and guidelines issued by relevant data protection authorities. Otherwise, we will securely erase or anonymize your personal data where we do not have a legitimate reason for keeping it.

WHAT ARE YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA?

In addition to the rights listed in this Privacy Policy, you have a number of rights (subject to certain conditions) when it comes to your personal data, as detailed in the table below:

You can exercise any of these rights by contacting our data protection officer.

Please consider your request responsibly before submitting it. We will respond as soon as we are able to.

RightsWhat does this mean?
(a) The right to be informedYou have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. This is why we are providing you with the information in this Privacy Policy.
(b) The right of accessYou have the right to obtain a copy of your personal data (if we are processing it), and certain other information (similar to that provided in this Privacy Policy) about how it is used. This is so you are aware and can check that we are using your information in accordance with data protection law. We can refuse to provide information where to do so may reveal personal data about another person or would otherwise negatively impact another person’s rights.
(c) The right to rectificationYou can ask us to take reasonable measures to correct your personal data if it is inaccurate or incomplete. E.g., if we have a wrong name or address of you.
(d) The right to erasureThis is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there’s no compelling reason for us to keep using it or its use is
unlawful. This is not a general right to erasure; there are exceptions, e.g., where we need to use your personal data in defense of a legal claim.
(e) The right to restrict
processing
You have rights to ‘block’ or suppress further use of your personal data when we are assessing a request for rectification or as an alternative to erasure. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their personal data to be ‘blocked’ to make sure the restriction is respected in future.
(f) The right to data portabilityYou have rights to obtain and reuse certain personal data for your own purposes across different organizations.
(g) The right to objectYou have the right to object to certain types of processing, on grounds relating to your particular situation, at any time insofar as that processing takes place for the purposes of legitimate interests pursued by us or by a third party. We will be allowed to continue to process your personal data if we can demonstrate “compelling legitimate grounds for the processing which override your interests, rights and freedoms” or we need this for the establishment, exercise or defense of legal claims.