DATA PROTECTION POLICY AND PRIVACY NOTICE

INTRODUCTION

On 15 October 2012, the Personal Data Protection Act (“PDPA”) was enacted to establish the law on data protection in Singapore. The Act came into force on 2 January 2013 and regulates the collection, use, disclosure, and care of personal data by organizations in the private sector.

The Personal Data Protection Commission (“PDPC”) was established as the statutory body responsible for administering and enforcing the PDPA. The PDPA applies to private sector organizations but does not apply to public sector agencies.

Juzz Marketing Pte Ltd is committed to protecting personal data and ensuring compliance with the PDPA and all regulations issued by the PDPC of Singapore.

DEFINITIONS

For the purpose of this PDPA Compliance File:

• “Authorised Partners” refer to Juzz Marketing’s customers—agents, advisors, or any individual or organisation who has engaged or partnered with Juzz Marketing in relation to its marketing, promotional, or lead generation services.
• “We”, “Us”, or “Our” means Juzz Marketing Pte Ltd, including its employees, representatives, and related entities acting on its behalf.
• “User” refers to our lifestyle website users.

PERSONAL DATA

Personal Data refers to any data, whether true or not, about an individual who can be identified:

• From that data alone; or
• From that data and other information to which the organisation has or is likely to have access.

This includes both electronic and non-electronic forms of data.

Exceptions:

The following are not considered personal data under the PDPA:

• Business contact information (e.g., name, position, business address, telephone number, business email).
• Information about individuals who have been deceased for more than ten (10) years, subject to certain exceptions.
• Records of individuals that have existed for over one hundred (100) years.

TYPES OF PERSONAL DATA COLLECTED

We collect and process limited personal data necessary for legitimate business purposes, including:

• Name, Mobile Number or Email Address for contact and communication
• Age Range for compliance and eligibility
• Income Range or Occupation to understand our audience better
• Area of Residence to understand participant demographics

Juzz Marketing organizes the data provided to our Authorised Partners into two (2) distinct classifications:

• Bulk leads generated in the past one (1) year; and
  • New leads generated progressively over the next three (3) months.

METHOD OF COLLECTION

User’s personal data is collected through user registration and giveaways on our lifestyle website (https://upgradelifestyle.fun).

Users are notified and provide explicit consent to the collection, use, disclosure, and transfer of their personal data through our website’s consent form and privacy statement (https://upgradelifestyle.fun/privacy-policy/).

OUR COMMITMENT

We are committed to protecting personal data and ensuring compliance with the Personal Data Protection Act (PDPA) and the regulations issued by the Personal Data Protection Commission (PDPC) of Singapore.
Our responsibility is to ensure that personal and confidential information entrusted to us by our Authorised Partners and Users is collected, processed, and protected with the highest standards of integrity, transparency, and security.

To uphold this commitment, we implement the following measures and controls:

(a) Employee Awareness and Compliance

• All employees are made aware of PDPA requirements and receive ongoing data protection and privacy training.
• Access to personal data is strictly limited to authorised personnel, based on job function and a need-to-know basis.
• Regular internal reviews and audits are conducted to ensure compliance with PDPA principles and organisational data protection policies.

(b) Data Collection, Use, and Consent

• Consent clauses are included in all data collection forms used by Juzz Marketing.
• We process personal data only for purposes for which consent has been obtained.
• Users are informed of the purposes for which their data is collected, used, or disclosed.
• We provide a clear opt-out or unsubscribe mechanism whenever User wishes to withdraw consent.
• Juzz Marketing is aware of and aligns its data protection practices with the Advisory Guidelines on the PDPA for Children’s Personal Data in the Digital Environment issued by the PDPC of Singapore. Juzz only advertises its marketing materials to individuals aged 18 years old and above. We use an opt-in method and do not knowingly collect data from individuals under the age of 18. Authorised Partners are required to report to us immediately if they encounter such data, and we will delete it promptly.

(c) Data Retention and Accuracy

• In line with our data retention practice, while no fixed retention period is formally specified, our practice is to process User’s personal data that are no more than one (1) year old.
• Personal data is retained only as long as there is a valid business or legal purpose. Aside from promotional marketing, we need to retain the data to process raffle entry or giveaway winners. Users may opt-out or request data deletion at any time.
• We take reasonable steps to ensure that all collected personal data is accurate, complete, and up to date, while recognising that the opt-in method may not guarantee absolute accuracy of the information provided by the Users.

(d) Data Security and Safeguards

• We ensure adequate protection when transferring personal data within or outside Singapore.
• Our website and data management system have security measures in place to protect personal information. All data is securely stored in Singapore data centres and internal secured drives located in Singapore.
• Access to all data systems is controlled by strict authentication protocols and is granted only to authorised employees.
• All shared data is transmitted using password-protected files.
• Regular staff training is conducted on secure data handling and PDPA compliance.
• Physical safeguards are in place, including restricted office access and secure disposal of printed or outdated records.
• Ensure comprehensive data protection through frequent backups, strong firewall defenses, and proactive malware detection and removal.

(e) Access and Correction Rights

• Authorised Partners and Users may request access to their personal data and inquire how it has been used or disclosed within the past year.
• Authorised Partners and Users may also request corrections if their personal data is inaccurate or incomplete.
• Direct edits to system records are not permitted; all correction requests are verified and processed by us.

(f) Data Transfer and Handling of Leads

• Data is transferred securely to Authorised Partners in password-protected Excel files delivered via WhatsApp or Email.
• The frequency of transfer depends on the Authorised Partner’s selected package—either as a one-time transfer or progressively over three (3) months.
• Before any lead transfer, all data undergoes a multi-stage validation and compliance process as follows:
  – Remove Users who have withdrawn their consent.
  – Clean and process the leads to ensure all numbers are in use.
  – Upload leads to the Do Not Call (DNC) https://www.dnc.gov.sg.
  – Sort out the leads and remove DNC before final delivery to Authorised Partners.
• Juzz Marketing is aware that we cannot bypass SpiderGate or any other DNC compliance platforms and tools.

DNC & PDPC COMPLIANCE REPORTING

Juzz Marketing ensure all data comply with the Do Not Call (DNC) Registry and Personal Data Protection Commission (PDPC) requirements, we prepare reports for client’s perusal upon request.

Report includes:

1. General Information
2. Data Source Summary
3. DNC Registry Check Results
4. Consent & Data Protection Compliance
5. Access, Correction & Safeguards
6. Summary of Actions Taken
7. Declaration

In the event of a complaint, Juzz Marketing will furnish the corresponding User email entry along with the consent wording or a link to the landing page where consent was obtained.