CLEAN EATS & CO PTE. LTD.

(Incorporated in the Republic of Singapore)

201934020C

BAMBOO BOWLS MOBILE APPLICATION AND WEBSITE

PRIVACY POLICY

AND

ANTI-MONEY LAUNDERING AND

COUNTER FINANCING OF TERRORISM

1- PRIVACY POLICY

This Privacy notice explains how Clean Eats & Co (In this Privacy Notice "We” , "Us”, "Our”, "Bamboo Bowls” or “Clean Eats & Co Pte. Ltd.”) , its respective subsidiaries, affiliates, associated companies and jointly controlled entities) collect, use, transfer, disclose and protect your personal data and your rights in relation to the personal date we hold. Clean Eats & Co is the data controller of your personal data, and all entities owned by the said Clean Eats & Co Pte. Ltd. entity are committed to complying with any and all applicable regulations.

This Privacy Policy applies to all users (including customers, logistic partners, delivery partners, transportation providers, passengers, agents, vendors, suppliers, partners, contractors and service providers hereinafter “you”, “your”, “yours”) of the Clean Eats & Co Applications, including the Bamboo Bowls Mobile App, and our Website.

By using the Services, users consent to the collection and use of their Personal Data by us. You also represent to us that you have any and all authorizations necessary to use these Services including using them to process Personal Data. We collect and use the information you provide to us, including information obtained from your use of the Services. Also, we may use the information that we collect for our internal purposes to develop, tune, enhance, and improve our Services, and for advertising and marketing consistent with this Privacy Policy.

his privacy policy has been compiled to better serve those who are concerned with how their 'Personal Data’ is being used online. Personal Information means data which relate to a living individual who can be identified – (a) from those data, or (b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller, and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.

Please read our privacy policy carefully to get a clear understanding of how our website collects, uses, protects or otherwise handles users’ Personal Data.

This Privacy Notice supersedes any previous Privacy notice or equivalent which you may have been provided with or seen prior to the date first written above. The term “includes” and “including” shall mean without limitation.

This Privacy Policy is intended to inform users about how our website treats Personal Data that it processes about users. If users do not agree to any part of this Privacy Policy, then we cannot provide its Services to users and users should stop accessing our services.

By using the Services, You acknowledge, consent and agree that we may collect, process, and use the information that you provide to us and that such information shall only be used by us or third parties acting under our direction, pursuant to confidentiality agreements, to develop, tune, enhance, and improve the Services. Although we may attempt to notify you when changes are made to this Privacy Policy, you are responsible for periodically reviewing any changes which may be made to the Policy. We may, in our sole discretion, modify or revise the Policy at any time, and you agree to be bound by the same.

Our privacy policy is subject to change at any time without notice. To make sure you are aware of any changes, please review this policy periodically.

  1. DEFINITIONS

    “Food Delivery” means online food delivery service which provides service of collecting food from the restaurants operators and delivers to the Consumer user, with the order being made through the Bamboo Bowls App;

    “Website” means https://www.bamboobowls.com

    “Processing” means means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction erasure or destruction;

    “Unique identifier” means means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction erasure or destruction;

    “Personal information” means information that you provide to us which personally identifies you, such as your name, contact number, email address, billing information, or other data that can be reasonably linked to such information by Clean Eats & Co , such as information we associate with your Bamboo Bowls Account;

    “Device” is a computer that can be used to access Clean Eats & Co services. For example, desktop computers, tablets, and smartphones are all considered devices;

    “IP address” means an internet protocol (IP) address by which every device connected to the Internet is assigned a number;

    “Affiliates” means any person directly Controlling, Controlled by or under direct or indirect Common Control with the Party;

    “Affiliates” means any person directly Controlling, Controlled by or under direct or indirect Common Control with the Party;

    “To act reasonably” where used in any part of this Privacy policy, the phrase acting reasonably shall be taken to mean acting in a way that meets the minimum level of performance that is expected from the other contracting party to fulfil an obligation.

  2. PERSONAL DATA WE COLLECT

    We collect your personal data in a number of ways listed below. The Personal data which we collect may be provided by you directly (such as upon registration of your account as a User or Delivery Provider, or otherwise as provided by you to us), by third parties or be collected automatically when you use the Bamboo Bowls mobile app.

    In the event that you have or are a party to multiple relationships with us (for example if you use our Services across our various service platforms, or if you are both a User/ Logistic Partner), we may also combine the Personal Data with other Personal Data in our possession.

    1. PERSONAL DATA OBTAINED DIRECTLY FROM YOU

      We collect your personal data when you voluntarily provide it to us. This includes;

      • From the information you provide to us in relation to your Bamboo Bowls Account, Registration and Creation:

      1. User profiles(Consumer)may include name, contact information (such as email address, name, phone number) and other identification information when needed to be used (such as Apple ID, Instagram, Gmail, or Facebook account log in details).

      2. Logistic Partner profiles (Delivery and Merchants) may include additional Personal data as part of our onboarding process as to assess your eligibility to provide services as a Clean Eats & Co Delivery partner or other Logistic partners (such as your ID information, insurance policy, vehicle information and background check results (as and when permitted by law)).

      3. Other Personal data collected directly provided by you may include biographical information which may confirm your identity including your date of birth, tax identification number, bank account details and verified payment card information. In certain circumstances, you may be required to provide your Personal Data in order to comply with any legal requirements or your contractual obligations, or where it is necessary to conclude a contract. Failure to provide such Personal Data, may constitute failure to comply with legal requirements or contractual obligations, or inability to contract with you, as the case may be.

      • From the information you provide to us in relation to the normal operation of our Application, Website and Services by or through a mobile device (“Personal Usage Data”):

      1. As a User, you may be required to provide us with information in relation to the type of food order you seek, delivery location, feedback, ratings, transaction information (such as payment method and distance travelled), information about how you interacted with the Bamboo Bowls App, Website and our Services (such as feature used and content viewed), device information (such as hardware model, serial number, IP address, files names and versions and advertising identifiers or any information that may provide indication of device or app modification), personal data you enter in messages when you use our in-app communication features and personal data that may be captured through your interaction with us or our agents.

      2. In relation to the payment of the Services, when you are the payer, you will provide to us (i) information relating to the payment, such as the type of payment card used, the name of the issuer of that payment card, the name of the account holder for that payment card, the number of that payment card and the amount to be paid for such Service;(ii) Information relating to your mobile Bamboo Bowls payment method such as, the type of Credit or Debit card, bank account details, mobile money information, or PayNow,PayLah!, Apple Pay or any other authorized third party payment providers account details.

      3. In relation to the In-App chat feature, you may be required to provide us with your phone number and account-registered name with the other parties in our chat to enable the chat feature. Information provided by you to our customer support in relation to our services will be collected and stored by us. However, information provided by you using our In-App chat feature to other users are encrypted and will not be collected and/or stored by us

      • From information about you collected whenever you use the Application or visit our Website We may collect;

      1. Log information; Log information is certain technical data, including internet protocol (IP) address, information as web pages previously or subsequently viewed, duration of every visit/session, the internet device identity (ID), mobile advertising ID or media access control address, and also other device information regarding the manufacturer, model and operating system of the device that you use to access the Application or our website;

      2. Certain information collected on an automated basis; Information collected by tracking technologies. Tracking technologies, including embedded scripts, location-identifying technologies, device recognition technologies, and other tracking technologies, may be used to collect information about your interactions with the Website. Some information about your use of the Website and certain third party services may be collected using Tracking technologies across time and services, and used by us and third parties for purposes such as to associate different devices you use, and deliver relevant ads and/or other content to you on the Website and certain other sites or online services.

      3. Certain information related to your geo-location in real-time through the Global Positioning System (GPS) on your mobile device, your speed, acceleration and breaking data. In some cases, you will be required to activate your GPS to enable us to provide a better and more accurate experience using the Application.

        • As a Logistic partner , we collect your geo-location information when the Application is running in the foreground (when the application is open and on-screen) and in the background (when the Application is open but not on screen) so long as you are signed into the Application.

        • As a User, we collect your geo-location information when the Application is in the foreground. Collection of geo-location information when the Application is in the background may be collected, however such collection is involuntary. You may choose to disable the geo-location track information on your mobile device temporarily, through your device setting. However, this may affect some of the Application’s functionality.

      4. In the event that you authorize the Application to access the camera function of your device, any images that you share with a User or Logistic provider, for example via the chat feature, will be collected by us. The camera function of your device may also be authorized by you whenever you add a payment method to your account, for example your debit or credit card information added using the scan feature. Notwithstanding, such personal data should only be provided by you to resolve customer support issues and will only be used by us to investigate and address concerns, monitor and improve our customer support responses, respond to questions, comments and feedback and inform you about steps taken to resolve customer support issues.

      5. Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information, and this may include sending cookies to you. A "cookie" is a small data file transferred to your computer’s hard drive that allows a Website to respond to you as an individual, gathering and remembering information about your preferences in order to tailor its operation to your needs, likes and dislikes. Overall, cookies are safe, as they only identify your computer to customize your Web experience. Accepting a cookie does not provide us access to your computer or any Personal Data about you, other than the information you choose to share. Other servers cannot read them, nor can they be used to deliver a virus. Most browsers automatically accept cookies, but you can usually adjust yours (Microsoft Internet Explorer, Firefox or Google Chrome) to notify you of cookie placement requests, refuse certain cookies, or decline cookies completely. If you turn off cookies completely, there may be some website features that will not be available to you, and some Web pages may not display properly. To support the personalized features of our website (such as your country and language codes and browsing functions) we must send a cookie to your computer’s hard drive and/or use cookie-based authentication to identify you as a registered website user.

      6. “Web beacons” or clear .gifs are small pieces of code placed on a Web page to monitor behavior and collect data about the visitors viewing a Web page. For example, Web beacons or similar technology can be used to count the users who visit a Website or to deliver a cookie to the browser of a visitor viewing that page. We may use Web beacons or similar technology on our Services from time to time for this and other purposes.

      • From information about you collected from third parties

      1. When your Personal data is collected, including but not limited to your name, contact information and other identification information where needed from third parties (other sources), we will ensure that such data is transferred to us in accordance with applicable laws. For the purpose of this Privacy policy, other sources includes; referral programmes; our business partners, such as payment providers, insurance and financial providers; credit bureau and other credit reporting agencies; publicly available sources of data; governmental sources of data; when our users add you as an emergency contact; marketing services providers or partners.

        Any information above-mentioned will only be collected for or in connection with the purposes for which such third parties are engaged or the purposes of our collaboration with such third parties, as the case may be, provided that all reasonable steps have been taken to ensure that such third parties would undertake to us to obtain your consent for the disclosure of your Personal data in line with this Privacy policy and Applicable law, or unless you have provided your consent to us for such disclosure.

        You may provide us with, or allow us access to information of other individuals (for example, Personal data relating to your spouse, family members or friends). In such an event, you warrant and represent that you have obtained their consent for their Personal data to be collected, used and disclosed in accordance with this Privacy policy.

    2. PERSONAL DATA OF MINORS

      Our services are available only to persons who can form a legally binding contract with us as per the applicable laws. Protecting the privacy of young children is especially important. Thus if you are under the age of eighteen (18) years then you can only use our website and these services under the supervision of your parents, who will be bind by the legal contract between us and on behalf of their child.

      We do not allow any minors (under your care as parent or legal guardian) to submit any Personal Data to Clean Eats & Co . However, in the event that Personal Data of a minor (under your care as parent or legal guardian) is disclosed to us, you hereby acknowledge and agree to the processing of the minor’s Personal Data. Further, you hereby acknowledge and agree to be bound by this Privacy policy and be fully responsible for his or her actions.

  3. USAGE OF PERSONAL DATA COLLECTED

    The basis for processing your personal data (other than with your consent), how to use that personal data and whom we share it with ( “Purposes”).

    1. TO PROVIDE AND MAINTAIN SERVICES AND FEATURES

      We process your personal data because it is necessary for the performance of our Services, to provide, personalise, maintain and improve our Application and Website. In this respect, we use your personal data for the following, whether you are a User, Logistic provider or Merchant whenever applicable;

      • To provide and maintain the Services;

      • To notify you about changes to our Services or change and update of the Applications;

      • To allow you to participate in interactive features of our Services when you choose to do so;

      • To provide Customer care and support;

      • To provide analysis or valuable information so that we can improve our Services;

      • To monitor the usage of the Services and analyse our users’ activities and demographic data including trends and usage of any logistic services available on the Application;

      • To detect, prevent and address technical issues;

      • To conduct due diligence checks, KYC and any checks as we may in our discretion consider necessary before we register you as a User and any other checks on your identity and Vehicle for the purpose of legal compliance under Applicable laws;

      • To verify your identity;

      • To verify your age;

      • To validate your order and process payments, including where applicable, transactions made through any payment systems and services available over the Application;

      • To validate your order and process payments;

      • To process and manage your rewards whenever applicable;

      • To process, manage or verify your application of promotions, rewards and subscriptions with Bamboo Bowls ;

      • To process and facilitate payments due to you relating to any Services you have provided as a Logistic provider;

      • To perform internal operations necessary to provide our Services, including software bugs and operational problems, conducting data analysis, testing and research, monitoring and analysing usage and activity trends;

      • To enable communications between our users;

      • To fulfil the Services to you as a data processor, where you have provided consent to the data controller, the organisation you had purchased goods or services from, and for whom Bamboo Bowls is providing services on behalf of, for such services to be rendered;

      • To undertake associated business processes and functions;

      • To monitor usage of the Application and administer, support and improve the performance efficiency, user experience and the functions of the Application;

      • To provide assistance in relation to and to resolve any technical difficulties or operational problems with the Application or the Services;

      • To generate statistical information and analytics data for the purpose of testing, research, analysis and product development;

      • Safety and security

      • To prevent, detect and investigate any prohibited, illegal, unauthorised or fraudulent activities;

      • To facilitate business asset transactions, including any mergers, acquisitions or asset sale, involving us and/or any of our affiliates, whether the transaction is completed or not;

      • To enable us to comply with our obligations under any Applicable laws, including to respond to regulatory enquiries, investigations or directives, complying with statutory or regulatory filing and reporting requirements, conducting audit checks, due diligence and internal investigations;

      • To prevent, detect and investigate any prohibited, illegal, unauthorised or fraudulent activities;

      • Research and development and security

      • Your personal data may be shared to any third party for which we have entered into a contract of service to facilitate our Service (“Service providers”), to provide the Services on our behalf, to perform Service-related services or to assist us in analysing and providing feedback on how our Services are used. Such any third party have access to your Personal data solely for the performance and for the purpose of their services hereunder. We hereby represent and warrant that such third parties are obligated not to disclose or use any of your personal data for any other purpose under their contractual obligations.

      • Marketing and promotions

      • To send you direct and marketing and promotional communications and information on special offers or promotions;

      • Where we share Personal Data with third parties (including our vendors, suppliers, contractors, partners and any others who provide services to us, perform functions on our behalf, or whom we enter into commercial collaboration with), for or in connection with the purposes for which such third parties are engaged, to perform certain disclosure to the relevant third parties which are technically require to process your transaction, or for the purposes of our collaboration with such third parties (as the case may be), which may include allowing such third parties to introduce or offer products or services to you, or other conducting activities including marketing, research analysis, checks (including background and verification check) and product development;

      • Legitimate interests and Legal purposes

        We also process your personal data because it is necessary for our legitimate interests, or sometimes where it is necessary for the legitimate interests of another related person. In this respect, we use your personal data for the following:

      • To comply with all of our legal obligations;

      • To protect and defend the rights or property of Bamboo Bowls;

      • To protect or investigate possible wrongdoing in connection with the Services;

      • To protect the personal safety of users of the Services or the General public;

      • Where there is any form or legal proceeding between you and us, or between you and another party, in connection with, or relating to the Services, for the purposes of that legal proceeding;

      • When we share Personal information with affiliates, we only do so for the purpose of helping us to provide the Application or to operate our business (including, where you have subscribed to our mailing list, for direct marketing purposes) or for the purpose of conducting data processing on our behalf. For example, an associate in another country may process and/or store your Personal Information of the Group;

  4. TRANSFER OF PERSONAL DATA

    1. TRANSFER

      1. When sharing your personal data with third parties located in a jurisdiction outside the country, state and city (“Home country”) in which you are present while using our Service to another country, state and city (“Alternate country”), this will only be transferred in accordance with applicable regulations and conditions such as, without limitation:

        • The third-party country is located in a jurisdiction outside the Home country that provides an adequate level of protection for those Personal Data and they are ensured by laws applicable to the third-party country and such jurisdiction has been designated by the Home country as providing an adequate level of protection for Personal data; or

        • The transfer is necessary for the conclusion or performance of a contract concluded in your interest for the performance of our Services between us and a third party. In each case stated above, such transfer of your Personal Data shall not require any specific authorisation or express consent from you.

      2. Whenever an alternate country and/or where Clean Eats & Co’s servers and/or service providers and partners are located outside of the Home country, you hereby understand and consent to the transfer of your Personal data outside of the Home country as described herein.

    2. RETENTION

      1. When sharing your personal data with third parties located in a jurisdiction outside the country, state and city (“Home country”) in which you are present while using our Service to another country, state and city (“Alternate country”), this will only be transferred in accordance with applicable regulations and conditions such as, without limitation:

      2. Some of your Personal data might be retained by other parties, for example any Logistic partner whenever you are a user, or the user and governmental authority whenever you are a logistic provider in some manner, such as screen capture. In such an event, you agree and acknowledge that the retention of your Personal data by the relevant institutions will follow their respective policy on data retention. Information transferred by way of communication between users and logistic providers made other than through the use of the Application, including by telephone, mobile messaging or other modes of communication or through collection of your personal data by our agents) may also be retained by some means. In such an event, Clean Eats & Co does not authorise the retention of Personal data by such means and hereby waive any liability to you for the same. As and whenever permitted by applicable laws, we shall not be liable for any such retention of your Personal data.
    3. ACCESS AND CORRECTION OF PERSONAL DATA

      1. You may request us for access to and/or for the correction of your Personal data in our possession, and control, by contacting us at the details provided below. Subject to Applicable law, we reserve the right to charge an administrative fee for such requests.

      2. We reserve the right to refuse your request for access to, or to correct, some or all of your personal data in our possession or control, if permitted or required under any Applicable Law. This may include circumstances where the Personal data may contain references to other individuals or where the request for access or request to correct is for reasons which we reasonably consider to be unreasonable.

    4. ENSURING INFORMATION IS ACCURATE AND UP-TO-DATE

      1. We take reasonable precautions to ensure that the Personal Data we Collect, Use and Disclose is complete, relevant and up-to-date. However, the accuracy of that information depends to a large extent on the information you provide. That's why we recommend that you:

      2. Let us know if there are any errors in your Personal Data; and

      3. Keep us up-to-date with changes to your Personal Data such as your name or address.

    5. HOW WE PROTECT YOUR DATA

      1. We are very concerned about safeguarding the confidentiality of your personal data. We employ administrative, physical and electronic measures designed to protect your information from unauthorized access.

      2. By using this website or the Services or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of this website or Services.

      3. We use commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your Personal Information. We cannot, however, ensure or warrant the security of any information you transmit to us and you do so at your own risk. Once we receive your transmission of information, we make commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps

      Notwithstanding anything to the contrary in this Policy, we may preserve or disclose your information if we believe that it is reasonably necessary to comply with a law, regulation or legal request; to protect the safety of any person; to address fraud, security or technical issues; or to protect our rights or property. However, nothing in this Policy is intended to limit any legal defenses or objections that you may have to a third party, including a government’s, request to disclose your information.

  5. DISCLOSURE OF PERSONAL DATA

    As a matter of policy, we will not sell or rent information about you and we will not disclose information about you in a manner inconsistent with this Privacy Policy except as required by law or government regulation. We cooperate with law enforcement inquiries, as well as other third parties, to enforce laws such as those regarding intellectual property rights, fraud and other personal rights.

    We will not share the personal information we collect about you with any third party for their own marketing purposes without your consent.

    If you do not agree with our Privacy Policy, Terms of Service or Cookie Policy, please discontinue use of our Service; your continued usage of the Service will signify your assent to and acceptance of our Privacy Policy and Terms of Use.

    WE CAN (AND YOU AUTHORIZE US TO) DISCLOSE ANY INFORMATION ABOUT YOU TO LAW ENFORCEMENT, OTHER GOVERNMENT OFFICIALS, ANY LAWSUIT OR ANY OTHER THIRD PARTY THAT WE, IN OUR SOLE DISCRETION, BELIEVE NECESSARY OR APPROPRIATE IN CONNECTION WITH AN INVESTIGATION OF FRAUD, INTELLECTUAL PROPERTY INFRINGEMENT, OR OTHER ACTIVITY THAT IS ILLEGAL OR MAY EXPOSE US, OR YOU, TO LIABILITY.

    1. CLEAN EATS & CO & AFFILIATED ENTITIES

      We share personal data with our subsidiaries, associated companies, jointly controlled entities and affiliates.

    2. OTHER USERS

      The disclosure of your Personal Data with other users may occur in some events and for the performance of our Services. This includes;

      • Sharing your delivery locations with our delivery service providers fulfilling your order as a user;
      • Sharing your Personal data with your selected Merchant and User, including your name and photo; location and average rating as a Logistic partner, for example as Delivery partner;
      • Sharing your account statement data with your employer if you are a User of a Business account with us.
    3. SERVICE PROVIDERS

      We may provide Personal data to our vendors, consultants, marketing partners, research firms, and other service providers or business partners. This includes;

      • Payment processors and facilitators

      • Debt collectors

      • Credit bureau and other credit reporting agencies

      • Background check and anti-money laundering service providers

      • Cloud storage providers;

      • Research partners, including those performing survey or research projects in partnership with Clean Eats & Co or Clean Eats & Co’s behalf;

      • Fleet and Merchant partners;

      • Insurance and financing partners

      • Third party intermediaries involved in the managed investment of funds, such as brokers, asset managers and custodians;

      • Service providers who perform identity verification services;

      • We will not lease or sell your personal Data to any third parties.

      • Other than as provided in this Privacy policy, we may disclose or share your Personal data if we notify you of this in advance and we have obtained your consent for the disclosure of sharing

    4. Analytics

      We use Google Analytics and Google AdWords remarketing service to advertise on third party Websites (including Google) to previous visitors to our Website. It could mean that we advertise to previous visitors who haven’t completed a task on our Website, for example using the contact form to make an enquiry or complete a checkout. This could be in the form of an advertisement on the Google search results page, or a Website in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits to our Websites. Of course, any data collected will be used in accordance with our own privacy policy and Google’s privacy policy.

      We may use Third-party Service Providers to monitor and analyse the use of our services, including the following web analytics:

      • Google analytics: a web analytics service provided by Google LLC, (Mountain View, CA, USA) (“Google''). Google Analytics uses cookies to help the website analyse how users use the site. The information generated by the cookies about your use of the website will be transmitted to and stored by Google on servers in the United States.

        You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of the Website. You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing “Google Analytics Opt-out Browser Add-on” for your current web browser. Please refer to their website for further information on usage rights or data protection of Google.

      We may share your Personal Data with our legal advisors, law enforcement officials, government authorities and other third parties where required or authorised by Applicable Law, for the purpose so specified in that Applicable law or complying with any request, order, directive or other instruction from Governmental Authority. This may take place to fulfil any of our legal purposes above-mentioned or whenever any of the following circumstances arise;

      • Where it is necessary to respond to an emergency that threatens the life, health or safety of a person’ or

        ○ Where it is necessary in the public interest (e.g. in a public health crisis, for contact tracing purposes and safeguarding our community).

    5. WHERE WE STORE PERSONAL INFORMATION

      (i) The Personal data that we collect from you may be stored at, transferred to, or processed by third party service providers including, ______Cloud. We will use all reasonable endeavours to ensure that all such third party service providers provide a level of protection that is comparable to our commitments under this Privacy policy.

      ii) Your Personal data may also be stored or processed outside of your Home country by personnel who work for us in other countries, or by our third party service providers, suppliers, contractors or affiliates, to the extent permitted under Applicable Law. In such case, we will ensure that such personal data remains subject to a level of protection comparable to what is required under the laws of your Home country (and, in any event, in line with this Privacy policy).

    6. SECURITY AND PROTECTION OF PERSONAL DATA

      (i) Clean Eats & Co is certified PCI DSS Compliance.

      (ii) We represent to all of our Users that we will take reasonable legal, organisational and technical measures to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from getting lost, or used or accessed in an unauthorised way. We limit access to your Personal Data to our employees on a need to know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.

      (iii) However, you understand that the transmission of information via the internet cannot and is not completely secure. Whilst we will use our best effort to provide your personal information with a reasonable level of protection, we cannot guarantee the security of your Personal Data transmitted through any online means, therefore, any transmission remains at your own risk at all times. You are responsible for keeping your Account details confidential and you must not share your password with anyone and you must always maintain the security of the mobile device that you use.

  6. THIRD PARTY PLATFORMS

    The Application, Website and Marketing Materials may contain links to websites, plug-ins, and applications that are operated by Third parties (“Third Party Platforms”). Clicking on these links or enabling any connections to these Third Party Platforms may allow such third parties to collect and process your Personal data. Before submitting or uploading any Personal data over these Third Party Platforms, you should consult the terms and conditions and privacy policies of these Third Party Platforms to find out how they collect and use your Personal data. We do not control nor accept liability or responsibility for these Third Party Platforms and/or the collection, use, maintenance, sharing or disclosure of data and information by such third parties.

  7. YOUR RIGHTS

    (i) In accordance with applicable laws and regulations, you may be entitled to the followingrights:

    • To obtain access, and copies of, your personal data that we hold, upon sufficient written notice addressed to Clean Eats & Co

      To require that we cease processing your personal data by withdrawing your consent to the processing of your Personal Data (where we are processing your Personal Data based on your consent);

      To request the correction and/or whenever applicable deletion of your Personal Data;

      To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including the purpose of your transmitting that personal data to another data controller’

      To complain to the relevant data privacy authority if your data privacy rights are violated, or if you have suffered as a result of unlawful processing of your Personal Data.

    (ii) Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply whenever applicable.

    (iii) Please contact us via the customer service hotline 87489978 only, as soon as reasonably possible, should you wish to make a request to exercise your rights stated above.

    We will screen and verify all requests beforehand. In order to verify that you have the authority to make any such request, you may be required to provide us with additional information, supporting documentation or information to corroborate the request. Once your request is approved, we will give effect to your request in accordance with the timelines prescribed by applicable laws.

    OPTING OUT OF INFORMATION SHARING

    We understand and respect that not all users may want to allow us to share their information. If you do not want us to share your information, please contact us through the website and we will remove your information as soon as reasonably practicable. When contacting us, please clearly state your request, including your name, mailing address, email address and phone number.

    However, under the following circumstances, we may still be required to share your personal information:

    1. if we are responding to court orders or legal process, or if we need to establish or exercise our legal rights or defend against legal claims.

    2. If we believe it is necessary to share information in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Use or as otherwise required by law.

    3. If we believe it is necessary to restrict or inhibit any user from using any of our Site, including, without limitation, by means of "hacking" or defacing any portion thereof.

  8. LANGUAGE

    If there is any inconsistency between the English version of this Privacy policy and other language versions, the English version shall prevail.

  9. BREACH OF THE PRIVACY POLICY

    We reserve the right to terminate or suspend any account or delete certain contents from any profile or public domain within the ambit of this website if the said account or content is found to be in violation of our privacy policy. We sincerely request you to respect privacy and secrecy concerns of others. The jurisdiction of any breach or dispute shall be determined in accordance with the terms of use of the website.

  10. NO RESERVATIONS

    We do not accept any reservation or any type of limited acceptance of our privacy policy. You expressly agree to each and every term and condition as stipulated in this policy without any exception whatsoever.

  11. PHISHING OR FALSE EMAILS

    If you receive an unsolicited email that appears to be from us or one of our members that requests personal data (such as your credit card, login, or password), or that asks you to verify or confirm your account or other personal information by clicking on a link, or to provide your personal information to any other user that email was likely to have been sent by someone trying to unlawfully obtain your information, sometimes referred to as a "phisher" or "spoofer." We do not ask for this type of information in an email. Do not provide the information or click on the link. Please contact us on the contact details provided on the website if you get an email like this. We shall not be responsible for any fraudulent or unlawful acts done by any person/persons if you provide any information to any such person.

  12. MENDMENTS / UPDATES

    We shall have the right to modify, update or amend the terms of this Policy at any time by placing the updated Policy on the Website. By continuing to use the App, Website or Services, to purchase products from us or to communicate or engage with us following the modifications, updates or amendments to this Policy, you signify your acceptance of such modifications, updates or amendments.

  13. CONTACT

    If you have any queries about this policy or would like to exercise your rights set out in this Policy, please contact us via the In-App Help Centre only. Any queries made directly to us via email or telephone or any other contact support may not be answered for security and compliance purposes.

  14. ACKNOWLEDGEMENT AND CONSENT

    (i) By accepting this Privacy Policy, you acknowledge that you have read and understood this Privacy policy, and you accept all of its terms. In particular, you agree and consent to us collecting, using, disclosing, storing, transferring or otherwise processing your Personal data in accordance with this Privacy policy.

    (ii) In circumstances where you provide us with information relating to third parties (which may include Personal Information relating to your spouse, family members or any third party authorised by you) you represent and warrant that you have obtained such third party’s consent for, and hereby consent on behalf of such third party to, the collection, use , disclosure and processing of such information by us.

    (iii) You may withdraw your consent to any or all collection, use or disclosure of your Personal data at any time by giving us reasonable notice in writing using the contact details stated above. Depending on the circumstances and the nature of the consent which you are withdrawing, you must understand and acknowledge that after such withdrawal of consent, you may no longer be able to use the Application or any other of our Service Platforms. A withdrawal of consent by you may result in the termination of your Account or of your contractual relationship with us, with all accrued rights and obligations remaining fully reserved. Upon receipt of your notice to withdraw consent for any collection, use or disclosure of your Personal data, we will inform you of the likely consequences of such withdrawal so that you can decide if indeed you wish to withdraw consent.

  15. This Privacy Policy shall be governed in all respects by the laws of Singapore. For the avoidance of doubt, the Singapore laws will apply to the processing of your Personal Data.

2- ANTI-MONEY LAUNDERING POLICY

Persons availing of the any of the services from Clean Eats & Co (hereinafter referred to as “us”, “we”, “Bamboo Bowls”, “Clean Eats & Co”) or engaging in any transactions on any digital/non-digital platform provided or operated by Clean Eats & Co, directly or indirectly, are referred to herein, as “Users”.

This is an agreement between the Company and the User, which is binding on the User. All Users are required to comply with the terms of this agreement at all times, and any instance of non-compliance will result in the termination of such user’s accounts on the Bamboo Bowls platform, and in appropriate reporting of the circumstances of such non-compliance and such termination to the relevant statutory authorities.

Integrity, honesty and ethical business practices are some of the core values of Bamboo Bowls, and We strongly condemn any and all activities related to terrorism, money laundering, and all other unlawful actions. In order to prevent misuse of the services provided on the Bamboo Bowlsplatform, Users are required to strictly comply with the terms contained herein, which forms part and parcel of the User Terms and Conditions.

All terms defined in the Terms of Service and the Privacy Policy will carry the same meaning, force and effect in this AML Policy.

  1. INTRODUCTION

    The Monetary Authority of Singapore (MAS) has issued comprehensive guidelines on Anti-money Laundering (AML) standards and has advised that Fintech companies have a clear requirement of transaction monitoring program in place. More specifically, Fintech companies must conduct ongoing monitoring to ensure that transactions are consistent with customers/users’ risk profiles, and to verify the source of their funds.

    Accordingly, in compliance with the guidelines issued by MAS from time to time, the following AML policy is approved by the Board of Clean Eats & Co Pte. Ltd. (hereafter “Clean Eats & Co ” or “the Company”).

    The policy is applicable to all categories of products and services offered by the Company.

  2. OBJECTIVE

    Objective of MAS guidelines is to prevent Clean Eats & Co’s being used, intentionally or unintentionally by criminal elements for money laundering activities. The guidelines also mandates making reasonable efforts to determine the true identity and beneficial ownership of accounts, source of funds, the nature of customer/user’s business, reasonableness of operations in the account in relation to the customer/user’s business, etc. Which in turn helps the Company to manage its risks prudently. Accordingly, the main objective of this policy together with the Privacy Policy and Terms of Use is to enable the Company to have positive identification of its Users.

    ANTI-MONEY LAUNDERING

    Money-Laundering (“ML”) refers to:

    1. the conversion or transfer of property knowing or suspecting that such property is derived directly or indirectly from, or the proceeds of, criminal activity or from an act or acts of participation in criminal activity, for or purposes of concealing or disguising the origin of the property or of assisting any person or persons involved or concerned in criminal activity;
    2. the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect of, in or over, or ownership of property, knowing or suspecting that such property is derived directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
    3. the acquisition, possession or use of property knowing or suspecting that the same was derived or originated directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
    4. retention without reasonable excuse of property knowing or suspecting that the same was derived or originated directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
    5. attempting any of the matters or activities defined in the above foregoing sub-paragraphs (i), (ii), (iii) and includes acting as an accomplice in respect of any of the matters or activities defined in the above foregoing sub-paragraphs.

    We have zero tolerance towards use of our Services for any illegal purpose. Any such abuse by any User shall result in forthwith termination of the account and reporting of such activities to concerned regulatory and statutory authorities.

    Users shall be bound by the terms of the Anti-Money Laundering Policy (“AML Policy”) in addition to the terms contained herein. The terms of the AML Policy shall be read as part and parcel of these presents.

    Users shall ensure that the terms of the AML Policy are strictly complied with. We shall not allow our Services and any future platforms that it might support, to be used for any illegal purpose including for money laundering or the funding of terrorism or any other criminal activities.

    We shall report all suspicious activities to the concerned authorities to ensure initiation of investigation and prosecution. Users are therefore strongly cautioned against misuse of our Services in any manner for illegal activities.

    Acceptance of the terms herein shall tantamount to acceptance of the AML Policy and the terms contained therein. Users are required to read, understand and affirm the AML Policy before clicking the “I Accept” button to these Terms and Conditions. We may periodically review and revise, modify or update the AML Policy to ensure that it complies with the requisites of applicable Law. By accepting the terms herein and by continued use of our Services, Users are deemed to have agreed to such revised terms of the AML Policy and shall be bound by the same. Users who do not wish to abide by the same are not permitted to continue use of our Services and the same shall stand terminated upon compliance with the process set out there for.

    We reserves the right to decline or discontinue, as the case may be, any account, at its discretion, with present as well as prospective Users at all times. In the event of any suspicious activity being disclosed or a User is suspected of abusing our Services or platform, we shall have the right but not the obligation to suspend or terminate any account of a User, until a reasonable and satisfactory explanation with supporting documents is provided.

    Where applicable, intimation of such suspension or termination shall be duly sent to the User and the accumulated currency in the account of such User shall be duly secured and shall accrue in favour of such User, unless otherwise appropriated by us towards dues owed to us or is retained pending confirmation from a regulatory or statutory authority or in compliance with an order from a Government Authority or Court. Amounts lying in the accounts of Users suspected of illegal activities or of abusing the platform shall however not be released in favour of such User until the requisite documents and explanations, as set out above are furnished or upon receipt of an order permitting the same from an appropriate Court or Government authority.

    SUSPICIOUS TRANSACTIONS:

    “Suspicious Transaction” means a transaction, whether or not made in cash which, to a person acting in good faith:

    1. give rise to a reasonable ground of suspicion that it may involve proceeds or crime, regardless of the value involved; or
    2. appears to be made in circumstances of unusual or unjustified complexity; or
    3. appears to have no economic rationale or bona fide purpose; or
    4. gives rise to a reasonable ground of suspicion that it may involve financing of the activities relating to terrorism;

    Explanation —Transaction involving financing of the activities relating to terrorism includes transaction involving funds suspected to be linked or related to, or to be used for terrorism, terrorist acts or by a terrorist, terrorist organization or those who finance or are attempting to finance terrorism.

    Transactions which shall be considered as Suspicious:

    • Activities not consistent with the user’s business (i.e. accounts with large volume of credits whereas the nature of business does not justify such credits);
    • Any attempt to avoid Reporting/Record-Keeping Requirements/provides insufficient/ suspicious information:
      • A user who is reluctant to provide information needed for a mandatory report, to have the report filed or to proceed with a transaction after being informed that the report must be filed;
      • Any individual or group that coerces induces or attempts to coerce/induce the Company from not filing any report or any other forms;
      • An account where there are several cash transactions below a specified threshold level to avoid filing of reports that may be necessary in case of transactions above the threshold level, as the user intentionally splits the transaction into smaller amounts for the purpose of avoiding the threshold limit.

    Some examples of suspicious activities/transactions to be monitored by the operating staff:

    • Multiple user accounts under the same name;
    • Refusal to furnish details of source of funds by which initial contribution is made, sources of funds is doubtful etc.;

    There are reasonable doubts over the real beneficiary.

    Users are hereby duly cautioned against use of our Services for illegal activities. Any such use or attempt to use our Services for illegal activities shall tantamount to abuse of the terms of this Agreement, which would result in forthwith termination of this agreement without notice and appropriation of the amounts lying in the User account.

    We shall appoint person/persons who shall be officer/s for ensuring compliance with its policies (“Officer”). The Officer shall also provide all details required by regulatory and statutory authorities.

    Upon identification of “suspicious transactions”, as stipulated in the AML Policy, or as per the internal vigilance process, the Officer shall forthwith initiate processes for suspension or termination of the User account and for reporting the same applicable regulatory and/or law enforcement authorities.

    We may periodically review, revise, modify or update the AML Policy including to ensure its compliance with subsisting / new regulations and legal requirements. Amended AML Policy shall be uploaded on the Website and we shall also intimate User of such amendments. Non-receipt of such intimation shall not exonerate User from complying with the revised Policy. Continued use of our Services shall be deemed consent to such revised terms. User shall ensure due compliance with such amended Policy within timeframes prescribed for the same. Failure to do so shall amount to a material breach, which could result in suspension, cancellation or termination of this agreement. User may also opt to terminate the Agreement by following prescribed procedures, in the event that the User does not wish to comply with such revised policies.

    HIGHLIGHTING SUSPICIOUS TRANSACTIONS

    1. Prohibited Activities: We have a very strict policy of not allowing its services to be knowingly used for any “Prohibited Activities”. No customer shall use our services
    2. For any Prohibited Activities: we may conduct manual checks to ensure that not customer is indulging in Prohibited Activities; these checks may in future become automated. The Prohibited Activities for the purposes of this policy shall include:
    3. Fraud: Any act or omission, including a misrepresentation that knowingly or recklessly misleads, or attempts to mislead, a party to obtain a financial or other benefit or to avoid an obligation.
    4. Corruption: offering, giving, receiving, or soliciting, directly or indirectly, anything of value to influence improperly the action of another party.
    5. Collusion: arrangement between two or more parties designed to achieve an improper purpose, including influencing improperly the actions of another party.
    6. Terrorist financing: provision or collection of funds, by any means, directly or indirectly, with the intention that they should be used or in the knowledge that they are to be used, in full or in part, in order to carry out any of the offences within the meaning of Articles 1 to 4 of Council Framework Decision 2002/475/JHA of 13 June 2002 on combating terrorism.
    7. Criminal conduct: conduct, which constitutes an offence in any part of the world or would constitute an offence in any part of the world if it occurred there.
    8. Money laundering: Money laundering is essentially the process of engaging in such financial transactions that are designed to conceal the true origin of criminally derived proceeds for the purpose of ensuring that such proceeds appear to have been received through legitimate sources/origins.

    ACTIONS

    In case it comes to our knowledge of or we become suspicious that any customer is engaging in any Prohibited Activities we shall reserve the right to terminate the account of the customer and prevent such customer from undertaking any further actions on any of our services, existing or in future. We shall further be fully entitled, if it so chooses, to report such suspicious activities to the appropriate authorities.

  3. MONITORING OF TRANSACTIONS

    Ongoing monitoring is an essential element of effective KYC procedures. The Company can effectively control and reduce the risk only if it has an understanding of the normal and reasonable activity of the user so that they have the means of identifying transactions that fall outside the regular pattern of activity. However, the extent of monitoring will depend on the risk sensitivity of the account. The different business divisions pay attention to all complex, unusually large transactions and all unusual patterns which have no apparent economic or visible lawful purpose. High-risk accounts are subject to intensify monitoring.

    The transaction monitoring process should examine specific characteristics, including:

    • The nature of the transaction relating to the user’s business profile;
    • Whether transactions were made with the intent to avoid reporting thresholds;
    • The destination of payments (e.g. to or from high risk countries);
    • The parties involved (e.g. inclusion on sanctions lists or watch lists).
  4. RISK MANAGEMENT

    The development and implementation of an effective AML Program must be based on a risk assessment. For this reason, the company is required to conduct risk assessment of its business, customers, products, and the geographic location in which it operates, in accordance with a standard risk assessment methodology.

    The Company must determine the AML vulnerabilities of the company products/services, the AML risks associated with the geographies in which it operates, and the AML risks of the customers with whom it deals. The Company must also assess the effectiveness of the company controls to manage and mitigate the AML risks. The selection of risk categories and the weights given to risk categories in money laundering risk assessment vary depending on the circumstances.

    Clean Eats & Co has put in place appropriate procedures to ensure effective implementation of KYC guidelines. The implementation procedure covers proper management oversight, systems and controls, segregation of duties, training and other related matters.

    Clean Eats & Co’s Risk Management team from time to time will carry on the necessary quality checks and file audits to ensure that the KYC policies and procedure are adhered to from time to time. As a part of the risk policy, the Risk Management team has provided a comprehensive list of documents that can be used as a part of the KYC guidelines.

    In order to provide a framework for identifying AML risks, the Company shall conduct a money laundering risk assessment by first determining inherent money laundering risk, then reviewing mitigating controls, and in consideration of the inherent risk and mitigating controls, determine the overall residual money laundering risk. The results of the risk assessment and any recommendations for control improvements must be provided to senior management for review and approval. Results of the money laundering risk assessment, the methodology, the analysis, and any supporting documentation of each will be maintained for at least _7_________ years.

    The company money laundering risk assessments must be updated on a regular basis, generally at least every 18 months. The company risk assessment must also be updated whenever material changes occur to products, services, customers or geographies that would materially impact the risk assessment. Any new product or sales activity or new line of business must undergo an AML risk assessment as described in this Section.

  5. PAYMENT SECTION SCREENING

    The guidelines requires to conduct ongoing payment sanctions screening to ensure their users are not connected to terrorist activities or organizations.

    It is necessary to ensure that the identity of the user/director/partner/authorized signatory does not match with the list of designated individuals and entities, as defined by Singapore’s First Schedule of the Terrorism (Suppression of Financing) Act.Where the Risk management team find a positive hit, it is required to freeze the payment without delay, along with the funds and assets of the designated persons or entities (if possible).

  6. AML/ CFT ONBOARDING AND MONITORING

    Singapore’s AML/CFT regulations require that the Company performs a variety of Customer Due Diligence (CDD) checks when onboarding users and monitoring then throughout the business relationship. That process involves verifying users identities to ensure they are who they say they are, and that they are being truthful about the nature of their business.

    Clean Eats & Co’s onboarding and monitoring requirements include checks for Politically Exposed Persons (PEP) and Adverse Media, both of which can reveal user’s potential involvement in money laundering.

    The Company shall exercise ongoing due diligence with respect to the business relationship with every User and closely examine the transactions in order to ensure that they are consistent with their knowledge of the User, his business and risk profile and where necessary, the source of funds.

    The Company will also review its due diligence measures and undertake measures to re-verify the identity of a User and obtain further information on a User’s activities, if the Company has any suspicions of money laundering or the financing of terrorism.

    All due diligence undertaken by the Company is documented, designed to consider all relevant risk factors in determining overall risk and the appropriate mitigation measures, is kept up to date; and will always be available to the relevant authorities and self-regulating bodies.

    The Company will, in particular, monitor the following categories of transactions, and will conduct due diligence on an ongoing basis on them:

    1. large, complex transactions, including those with unusual patterns that are inconsistent with a User’s normal / expected level of activity, without an apparent economic rationale or legitimate purpose; and
    2. transactions that involve high account turnover, inconsistent with the size of the balance ordinarily maintained by a User.

    The Company’s staff are trained in The Company’s due diligence and anti-money laundering measures, as well as all requirements prescribed under Applicable Law for this purpose and may be contacted if any User has questions or concerns about any of measures contained in this AML Policy.

    ENHANCED DUE DILIGENCE

    In risk-sensitive instances or where the customer is not present and there is some doubt e.g. due to online applications via its platform, the Company shall apply EDD measures. EDD measures are additional measures to the CDD measures.

    EDD measures are applied in order to ensure that the higher risks presented by certain Customers and transactions are better monitored and managed to avoid any involvement in ML/Funding of Terrorism.

    Thus, the Company applies EDD measures when the Operations Department classifies the Customer as high risk and, in all cases, where the customer is not present.

    EDD measures are applied in the following cases:

    1. where the Applicant has not been physically present for identification purposes and classified as high risk subject to the Company's CDD measures;
    2. in relation to cross-border correspondent banking relationships; or
    3. in relation to a Business Relationship or Occasional Transaction with a PEP.

    In the above-mentioned instances, the Officer and the Designated Employee/s are to be consulted in order to confirm which of the EDD measures indicated hereunder are to be applied whenever the applicant is not present and classified as high risk customer.

  7. INDICATIVE LISTS FOR RISK CATEGORISATION

    1. LOW RISK CATEGORY

      Individuals (other than High Net Worth) and entities whose identities and sources of wealth can be easily identified and transactions in whose accounts by and large conform to the known profile, shall be categorised as low risk.

        Illustrative examples are:

      • Salaried employees whose salary is structure is well-defined;

      • People belonging to lower economic strata of the society whose accounts show small balances and low turnover.

    2. MEDIUM &HIGH RISK CATEGORY

      Users that are likely to pose a higher than average risk may be categorized as medium or high risk depending on user’s background, nature and location of activity, country of origin, sources of funds and his user profile etc.

      Illustrative examples are:

      • Non Resident users;

      • High Net worth individuals;

      • Politically Exposed Persons (PEPs of Singapore/ Foreign Origin;

      • Those with dubious reputation as per public information available.

      AML REPORTING MAINTENANCE AND CONFIDENTIALITY

      We will hold reports and any supporting documentation confidential. We will not inform anyone outside of the authorities or other appropriate law enforcement or regulatory agency about a report. We will segregate report filings and copies of supporting documentation from other firm books and records to avoid disclosing information. We will handle all requests for reports. We may share information with another financial institution about suspicious transactions in order to determine whether we will jointly file a report according to the rules and regulations of the authorities. In cases in which we file a joint report for a transaction that has been handled both by us and another financial institution, both financial institutions will maintain a copy of the filed report.

      ENTIRE AGREEMENT

      These terms collectively represent the entire agreement and understanding between you and us and supersede any other agreement or understanding (written, oral or implied) that you and we may have had. Any statement, inducement, promise, covenant or condition not expressly found either in these Terms shall be deemed as void.

      CONTACT US

      In regard to any clarification of our AML Policy, please contact us at ____87489978__.