Intercontinental Exchange

Singapore Privacy Policy

Updated January 23, 2017

Purpose & Scope

Solely in connection with and in accordance with the Personal Data Protection Act (Act 26 of 2012) of Singapore (the “PDPA”), this statement sets out the Privacy Policy and practices of Intercontinental Exchange, Inc., its subsidiaries and associated companies (together, the “Group” and each a “Company”) that will be followed with respect to the collection, use and/or disclosure of customers’ personal data.

Please note that this Privacy Policy complements, and does not limit or replace, the purposes for which you provide the Group with your personal data which may be expressly stated in any form for submission of personal data to the Group.

This Privacy Policy applies only in circumstances governed by the PDPA. We may amend this privacy policy by posting the amended privacy policy on this site.

1. Personal Data

You agree that the Group may collect, store, process, disclose, access, review and/or use personal data (including sensitive personal data) about you, whether obtained from you or from other sources, for the purposes set out below and/or any other administrative or operational purposes and/or the purpose of managing your relationship as a customer with the Company or any other company within the Group:

(i) providing services to you in relation to your transactions with the Group;

(ii) enabling your use of the services which the Group provides, including, where necessary, contacting you (whether by SMS, email or otherwise);

(iii) dealing with enquiries made by you;

(iv) maintenance and updating of the data;

(v) statistical analysis;

(vi) administrative or operational purposes;

(vii) tax filing preparation;

(viii) processing credit notes and processing refunds;

(ix) collection of fees, charges and expenses for services provided;

(x) verification and identification purposes;

(xi) facilitating the making and payment of claims, including payments by cheque, bank transfers or other means;

(xii) carrying out billing, accounting, auditing and the maintenance of proper book-keeping to explain the Company’s operations and business; and/or

(xiii) the disclosure of the relevant books, documents, records and information (in hard or soft copy) to the auditors for the preparation of financial reports.

2. Data Quality

The Company will take reasonable steps to make sure that the personal data it collects, uses or discloses is accurate, complete and up to date.

3. Data Security

The Company will take reasonable steps to protect the personal data it holds from misuse and loss and from unauthorized access, modification or disclosure.

The Company will not keep personal data for longer than is necessary and will take reasonable steps to destroy or permanently de-identify personal data if it is no longer needed.

4. Access & Correction

You are entitled to have access to the personal data about you that is in the possession or under the control of the organization and information about the ways in which the personal data has been or may have been used or disclosed within a year before the date of the request. This can be done by you making a written application to the Designated Person (as defined below) requesting for any such information. The Company reserves the right to charge a fee (representing its costs in administering your request) for supplying such information and to refuse requests which, in its opinion, occur with unreasonable frequency.

The Company will also, where you have requested that it correct an error or omission in the personal data about you that is kept with the Company, correct such data as soon as practicable and send the corrected personal data to every organization to which the personal data was sent before it had been corrected, if applicable, unless that organization does not need the corrected personal data for any legal or business purpose.

The Company may however choose not to provide you with access to or correct such information, in accordance with the exceptions under the PDPA. This would include cases where:

(i) The Company is satisfied on reasonable grounds that the correction should not be made;

(ii) The request for access is frivolous or vexatious or the information requested is trivial;

(iii) The personal data is related to a prosecution and all the proceedings related to the prosecution have not been completed;

(iv) The personal data, if disclosed, would reveal confidential commercial information that could, in the opinion of a reasonable person, harm the competitive position of the organisation; and

(v) The personal data was collected, used or disclosed for the purposes of an investigation and associated proceedings and appeals have not been completed.

5. Transborder Data Flows

If your personal data is transferred to a country or territory outside Singapore, for instance, if your personal data is required for administrative or operational purposes in other companies within the Group, we will ensure that the recipients thereof provide a standard of protection to your personal data so transferred that is comparable to that which is provided herein.

6. Enquiries & Complaints

The Company has designated the person whose contact details are set out below as the person (“Designated Person”) who will be responsible for ensuring the Company’s compliance with the PDPA. If you have any queries or requests or wish to make any applications concerning your personal information or data, please contact the Designated Person at [email protected]