This addendum (“Addendum”) supplements the Digital Edge Privacy Statement and Practices (“Privacy Statement”) and sets forth, in greater detail, the information related to how Digital Edge processes Personal Data of users in South Korea under the Personal Data Protection Act (“PIPA”) and other applicable privacy regulations in South Korea. The Addendum constitutes an integral part of the Privacy Statement.
Notwithstanding the foregoing, in accordance with the PIPA and other applicable privacy regulations, we will provide a separate information notice and obtain your consent accordingly in order to process your Personal Data, unless consent is not required per an applicable law.
Notwithstanding the foregoing, we provide Personal Data to or outsource the processing thereof to third parties as below.
Provision of Personal Data to Third Parties
Digital Edge does not use the collected Personal Data for any purpose other than the purpose for which personal information is collected or provide such information to a third party, unless such use or transfer is permissible under the Personal Information Protection Act or other applicable laws and regulations.
If third party transfer of personal information is necessary, Digital Edge may provide personal information to a third party with separate consent of the subject of personal information.
Outsourcing of the Processing of Personal Data to Third Parties
Grant Thornton Daejoo
Contact Details: Donga Ha Bldg 3rd Fl., 2913 Nambusunwhatn-ro, Gangnam-gu, Seoul, Korea 06280
Purpose of use of personal information by the person receiving personal information: Payroll, bookkeeping and tax related services on behalf of Digital Edge.
Categories of personal information transferred: ForEmployees: name, age, bank account details, employee ID, dependents, passport, family relation certificate, employment agreement, contact information (phone, address, email, etc) and salary information. For suppliers and customers:Any details included on invoices, including VAT number, bank details, transaction details related to the goods and services acquired by or from Digital Edge.
Period of retention and use of personal information by the person receiving personal information: Retain in accordance with Grant Thornton’s data retention policy, (except where it is necessary to retain personal information under the relevant laws and regulations).
Cross-border Storage/Outsourcing of Personal Data to Third Parties
Digital Edge (Singapore) Pte Ltd.
Country to which personal information is transferred: Singapore
Time and method of transfer of personal information: Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network as required
Categories of personal information transferred: E-mail address, encrypted password(s), name(s), phone numbers, registered social media (Line, WhatsApp, LinkedIn, etc.), address, and services acquired.
Purpose of use of personal information by the person receiving personal information: Storage and management of collected personal information of customers and potential customers, Hosting and IT support, Business support – central support functions (service support, billing, customer communications, marketing, hiring of potential candidates and undertaking background checks, etc), Global business analysis of central support function at the Digital Edge Group level.
Period of retention and use of personal information by the person receiving personal information: Retain in accordance with Digital Edge Group data retention policy, (except where it is necessary to retain personal information under the relevant laws and regulations).
Digital Edge (Hong Kong) Pte Ltd.
Country to which personal information is transferred: Hong Kong
Time and method of transfer of personal information: Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network as required
Categories of personal information transferred: E-mail address, encrypted password(s), name(s), phone numbers, registered social media (Line, WhatsApp, LinkedIn, etc.), address, and services acquired.
Purpose of use of personal information by the person receiving personal information: Same as above.
Period of retention and use of personal information by the person receiving personal information: Same as above.
Country to which personal information is transferred: Australia | Philippines
Contact detail: Level 11, 1 Margaret Street, Sydney, NSW 2000/ jaehyunl@cloudstaff.com
Time and method of transfer of personal information: Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network right away
Categories of personal information transferred: Name, Surname, Address, Email Address, Telephone no., IP address, data collected on Digital Edge’s Customer Portal (Odoo.com).
Purpose of use of personal information by the person receiving personal information: Customer support service via chat service. Our Helpdesk staff and engineers may access this information in a limited and reasonable manner in order to solve any issue with our services, or at your explicit request for support reasons, or as required
by law, or to ensure the security of our services in case of violation of our Acceptable Use Policy in order to keep our services secure.
Period of retention and use of personal information by the person receiving personal information: 2 years
Odoo Limited
Country to which personal information is transferred: Singapore (production server) and Canada and France (backup server)
Contact detail: Odoo S.A. - Data Protection, Chaussée de Namur, 40 1367 Grand Rosière, Belgium |privacy@odoo.com
Time and method of transfer of personal information: Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network as required
Categories of personal information transferred: Email address, name, postal address, telephone number(s), IP addresses, job applications (and if we decide to send you a job offer, we will also ask you to provide extra personal details as required to fulfill our legal obligations and personnel management requirements),browser language and geolocation.
Purpose of use of personal information by the person receiving personal information: Odoo does not use the personal data directly, but provides cloud-based ERP Software as a service to Digital Edge which will use the data to support sales, operations, and billing services for our customers and manages our Human Resource Information System, including our recruiting process.
Period of retention and use of personal information by the person receiving personal information: Information will be stored on the supplier’s server as long as the business need and will be accessed by Digital Edge’s personal only
Metabase, Inc.
Country to which personal information is transferred: Virginia, USA
Contact detail: 660 4th Street, #557, San Francisco, CA 94107 /legal@metabase.com
Time and method of transfer of personal information: Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network as required
Categories of personal information transferred: Email address, name, postal address, telephone number(s), IP addresses,browser language and geolocation and other anonymized data which can be found at:https://www.metabase.com/docs/latest/information-collection.html.
Purpose of use of personal information by the person receiving personal information: Metabase does not use the personal data directly but provides cloud-based business intelligence/data visualization software as a service to Digital Edge which will use the data to support decision making and operations. Metabase uses anonymized data to improve on the products and services offered to Digital Edge.
Period of retention and use of personal information by the person receiving personal information: Information will not be stored on Metabase’s servers – once the service or script is complete, the information is deleted and no longer stored or accessible on Metabase’s servers.
Trustifi LLC
Country to which personal information is transferred: Singapore
Contact detail: Trustifi LLC, 6543 S Las Vegas Blvd, Las Vegas, NV 89119
Telephone:+1-(844) 235-0084
Time and method of transfer of personal information: Personal information is protected for both in transit and in rest by market standard’s encryption
Categories of personal information transferred: E-mail address, E-mail content, Names and email addresses of senders/ recipients of emails; Photographs, images, and videos; Device identifiers – such as the Internet Protocol (IP) address and other types of unique device identifiers. Personal information which is collected and processed by Trustifi may also include sensitive data, which may reveal your ethnic origin, health data, religion, sexual orientation, etc.
Purpose of use of personal information by the person receiving personal information: Scan and encrypt files and email content to identify and filter out potential phishing attempts and viruses. As part of the scanning process, Trustifi may have access to various types of personal information set forth above, however, they will only use and process such information for the sole purpose of providing the services to Digital Edge (namely anti-phishing and anti-virus scanning).
Period of retention and use of personal information by the person receiving personal information: For as long as necessary to provide the services to Digital Edge, and as necessary to comply with Trustifi’s legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined to take into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.
Microsoft Regional Sales Pte Ltd.
Country to which personal information is transferred: Hong Kong and Singapore
Contact detail: Microsoft EU Data Protection Officer, One Microsoft Place, South County Business Park, Leopardstown Dublin 18 D18 P521, Ireland
Telephone: +353 (1) 706-3117
Time and method of transfer of personal information: Data is transferred to supplier’s servers in encrypted tunnel and stored on the server with industrial lead encryption algorithm. The information will be transferred to the server from time to time.
Categories of personal information transferred: Email address, name, postal address, IP address, email content, Personal information may also include sensitive data, which may reveal your ethnic origin, health data, religion, sexual orientation, etc.
Purpose of use of personal information by the person receiving personal information: Microsoft provides cloud-based office suite used by Digital Edge, consisting of client software applications and connected experiences designed to enable customers like Digital Edge to create, communicate, and collaborate more effectively.
Period of retention and use of personal information by the person receiving personal information: Information will be stored on Microsoft’s server as long as necessary to provide the products and fulfill the transactions requested by Digital Edge, or for other legitimate purposes such as complying with its legal obligations, resolving disputes, and enforcing its agreements with Digital Edge. Because these needs can vary for different data types, actual retention periods can vary significantly.
Specifically, we will retain your Personal Data for the period necessary to fulfill the purposes outlined in the Privacy Statement unless a longer retention period is required or permitted by law, such as in the following cases:
Records on contracts and withdrawal of subscriptions: 5 years (as required under the Act on Consumer Protection in Electronic Commerce Transactions)
Records on payments and supply of goods: 5 years (as required under the Act on Consumer Protection in Electronic Commerce Transactions)
Records on consumer complaints and processing of disputes: 3 years (as required under the Act on Consumer Protection in Electronic Commerce Transactions)
Records on electronic financial transactions: 5 years (as required under the Electronic Financial Transactions Act)
Records of logins: 3 months (as required under the Protection of Communications Secrets Act)
The process and method for destroying Personal Data are set forth below.
Destruction Process
We select certain items of Personal Data to be destroyed and destroy them with the approval of the Chief Privacy Officer.
Destruction Method
We destroy Personal Data recorded and stored in the form of electronic files by using a technical method to ensure that the records may not be retrieved, while Personal Data recorded and stored in the form of paper documents would be shredded or incinerated.
You can block cookies by changing the settings of your browser. However, please note that, by blocking cookies, you may become unable to use some of the services on our website. Also, depending on your usage environment (such as browser settings and internet connection), it may not be possible to block cookies in some cases.
We have designated the following person as the Chief Privacy Officer who is responsible for handling your queries and complaints regarding the processing of Personal Data.
Name : Peter Ham
Last updated: 08 April 2023