International Data Transfers

CICADA Finance is a global service. The personal data we collect from you may be transferred to, and stored at, servers and destinations outside your country or jurisdiction. Specifically, you understand that your personal data may be transferred to and processed in the United States, Singapore, and potentially other countries. These countries (including the US) may have data protection laws that are different from (and potentially not as protective as) the laws of your country of residence.

If you are located in Singapore, the European Economic Area (EEA), or other regions with laws governing data collection and use, please note that we may transfer your personal data to countries outside of your home country, for the purposes described in this Policy. In doing so, we will take steps to ensure that your data is subject to appropriate safeguards required by the PDPA and other applicable laws. For instance, for Singapore PDPA:

• We will ensure that any overseas recipient of personal data is either bound by legally enforceable obligations (such as a contract) to provide a standard of protection for the data that is comparable to that under Singapore PDPA, or the transfer falls under an exemption.

• This may involve using the ASEAN Model Contractual Clauses or other data protection agreements that contractually require the recipient to afford your data a level of protection consistent with Singapore law.

For transfers out of other jurisdictions like the EEA (if applicable in the future), we would similarly rely on appropriate mechanisms such as Standard Contractual Clauses (SCCs) approved by the European Commission, or ensure the transfer is otherwise legally permitted (e.g., necessary for contract performance, or with your consent).

By using our Services or submitting your personal data to us, you consent to the transfer, storage, and processing of your information in countries outside of your country of residence. We understand that privacy laws vary by jurisdiction, and when your data travels abroad, it could potentially be accessed by courts, law enforcement and national security authorities in those other jurisdictions. However, our practices regarding your personal data will at all times continue to be governed by this Privacy Policy and, where applicable, we will comply with the requirements of law (such as PDPA’s Transfer Limitation Obligation or GDPR Chapter V on transfers).

If you have questions about our international data transfer practices, you can contact us (details in Section 11).