1. PDPA POLICY STATEMENT
   1.1. This Letter contains the personal data protection and privacy policy adopted by Accountscan Express Pte. Ltd.
   to manage your personal data, collect, use and disclose in accordance with the Personal Data Protection Act 2012
   (the “Act”). Please take a moment to read this policy to understand the purposes for which we collect, use and
   disclose your personal data. By engaging our professional services, be it secretarial services, bookkeeping
   services, tax services, preparation of financial statements, audit services and/or any other advisory services, you
   agree to the terms of this Policy Statement.
   1.2. We respect the privacy of individuals and recognise the need to treat personal data in an appropriate and
   lawful manner, and are committed to comply with our obligations in this regard, in respect of all personal data we
   handle.
   1.3. We may change some parts or all of the contents of this policy from time to time to ensure that this policy is
   in line with legal and regulatory requirements. Hence, we advise you to check back regularly for updated
   information on the handling of your personal data.
   1.4. If you consider that this policy has not been followed in respect of personal data about you or others, you
   should raise the matter with the Data Protection Officer as soon as possible.
2. COLLECTION OF YOUR PERSONAL DATA
   2.1. In general, we collect your personal data in several ways, but not limited to the following:
   2.1.1. When you enter into any transaction with us, be it incorporation of a business entity, secretarial services,
   bookkeeping services, tax services, preparation of financial statements, audit services and/or any other advisory
   services
   2.1.2. When you contact us for enquiries, requests, applications or feedback;
   2.1.3. When you participate in any events related to us, including marketing
   and promotions, contests or interviews;
   2.1.4. When you request us to contact you;
   2.1.5. When you give us your feedback or survey;
   2.1.6. When you submit your personal data to us for employment purpose.

2.2. The personal data that is collected may include some or all of the following personal information:
2.2.1. Name;
2.2.2. Residential address;
2.2.3. NRIC/FIN/Passport Number
2.2.4. Date of birth;
2.2.5. Gender;
2.2.6. Nationality;
2.2.7. Contact number such as telephone numbers;
2.2.8. Email address;
2.2.9. Job title/profession;
2.2.10. Company name;
2.2.11. Company UEN number;
2.2.12. Address or intended address of the registered office and interests;
2.2.13. Address of principal place of business;
2.2.14. Place/Country or Proposed Place/Country of registration;
2.2.15. Nature of business;
2.2.16. Countries that the customer’s/client’s business mostly is transacting with;
2.2.17. Name(s) of all connected parties (directors/partners);
2.2.18. nature of beneficial ownership (e.g. more than 25% of ownership of the company) or person having
executive authority);
2.2.19. Information on ownership and control structure of, or over the customer/client; and
2.2.20. Signature.

3. PURPOSES OF COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA
   3.1 Generally, we collect, use and disclose your personal data for the following purposes:
   3.1.1. To Comply with the Accounting and Corporate Regulatory Authority (Filing Agents and Qualified
   Individuals) Regulations 2015 (“Regulations”) sets out the specific requirements for corporate service providers.
   Part II of the First Schedule of the Regulations, entitled “Anti-Money Laundering and Anti-Terrorism Financing
   Measures”, contains the terms and conditions which apply to a filing agent (“FA”) who is registered under section
   28F of Part VIA of the ACRA Act, when it, by way of business, prepares to carry or carries out transactions for a
   customer concerning activities specified in paragraph five of First Schedule of the Regulations. These terms and
   conditions are aligned with the Financial Action Task Force’s recommendations to combat money laundering,
   terrorism financing and proliferation financing.
   3.1.2 To comply with EP 200 Anti-Money Laundering and Countering the Financing of Terrorism – EP 200
   is applicable to all professional accountants and professional firms in Singapore. A professional firm is an
   accounting corporation, an accounting firm or an accounting LLP approved under the Accountants Act; or an
   entity owned or controlled by a professional accountant or professional accountants, that provide professional
   services. Professional services are services requiring accountancy or related skills performed by a professional
   accountant including accounting, auditing, taxation, management consulting and financial management services,
   3.1.3. For identification and verification;
   3.1.4. To process your transactions with us;
   3.1.5. To provide the products and services you have requested;
   3.1.6. To administer promotions and contests, including any joint promotions and contests with external
   parties, or your participation in any events or interviews;
   3.1.7. To respond to your queries and requests;
   3.1.8. For internal and external communication and publications;
   3.1.9. To delivering information regarding news, publications and events; or
   3.1.10. For internal record keeping.
   3.2. Your personal data will be retained as long as necessary according to our internal policy for the fulfilment of
   the purposes stated above or is required to satisfy legal, regulatory or accounting requirements.

4. DISCLOSURE OF YOUR PERSONAL DATA
   4.1 We will take reasonable steps to protect your personal data against unauthorised disclosure. Subject to the
   provisions of any applicable law, your personal data may be disclosed, for the purposes listed above (where
   applicable), to the following:
   4.1.1. Our staff;
   4.1.2. Agents, contractors or third-party service providers, whether sited in Singapore or outside Singapore,
   in connection with one or more of the above mentioned purposes.
   4.1.3. Our professional advisers such as auditors and lawyers;
   4.1.4. Relevant government regulators, statutory boards or authorities or law enforcement agencies to comply
   with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; and
   4.1.5. Any other party to whom you authorise us to disclose your Personal Data to.
   4.2. Save as set out under this Privacy Policy, unless we are obliged or permitted by the Act to do so, your personal
   data will not be disclosed to any third parties without your permission.
   4.3. We will use reasonable endeavours to ensure that the third parties, whom your personal data is being disclosed
   to, will provide a comparable standard of protection to your personal data. However, we do not provide any
   warranty or take any responsibility of any misuse undertaken by those third parties.
5. CONSENTS
   5.1. By submitting your personal data to us, you agree and consent to the collection, use and disclosure of your
   personal data for some or all of the purposes mentioned above.
   5.2. If at any time we decide to collect, use or disclose your personal data in a different manner to the purposes
   set out above, we will request your consent to the additional purpose in writing, which you may refuse to give at
   your discretion.
   5.3. If you provide us with personal information relating to a third party (e.g. information of your spouse, children,
   parents, dependent, ward or employees), you represent to us that you have obtained the consent of the third party
   to provide us with their personal data for the respective purposes.
   5.4. You may at any time withdraw any consent given in respect of the collection, use or disclosure of your
   personal data by giving prior notice in the form of a formal written request addressed to the Data Protection
   Officer.
   5.5. In the event you withdraw your consent to us for the processing of your personal data for the purposes
   mentioned above, we shall cease to process your personal data within 21 working days upon receiving your
   withdrawal request. Please note that once consent is withdrawn, your request for any of the above purposes may
   as well be cancelled, and hence we may not be able to fulfil our services to you.
6. ACCESS AND CORRECTION TO YOUR PERSONAL DATA
   6.1. You may apply for a copy of your personal data held by us or request for your personal data to be updated
   or corrected by sending a formal written request to our Data Protection Officer.
   6.2. Within 21 working days upon receiving your request, we shall:
   6.2.1. Provide you with a copy of your personal data under our custody and/or other relevant information in
   accordance with the Act within; or
   6.2.2. Correct your personal data as soon as practicable and inform you that the correction has been made to
   your personal data; or
   6.2.3. Inform you that your request to access or correct your personal data is rejected, if the request was made
   in circumstances predefined by the Act where such access or correction is prohibited or not required.

7. ACCURACY OF YOUR PERSONAL DATA
   7.1 You should ensure that all personal data submitted to us is complete and accurate. Failure to do so may result
   in our inability to provide you with information or services you have requested.
   7.2 We shall make a reasonable effort to ensure that personal data collected by or on behalf of us is accurate.
8. PROTECTION OF YOUR PERSONAL DATA
   8.1. We will take reasonable measures to protect your personal data from unauthorised access, improper use or
   disclosure, unauthorised modification, unlawful destruction or accidental loss. You should be aware, however,
   that no method of transmission over the internet or method of electronic storage is 100% secure. While security
   cannot be guaranteed, we strive to protect the security of the personal data and will constantly review and enhance
   our information security measures.
   8.2. Our staff are required to keep personal data confidential and only authorised persons have access to such
   information.
9. CONTACT OUR DATA PROTECTION OFFICER
   9.1. Should you have a complaint or require more information about how we manage yourpersonal data, please
   contact our Data Protection Officer at:
   Data Protection Officer
   Gary Goh
   5001 Beach Road
   Golden Mile Complex, #04-13
   Singapore 199588
   Tel: (65) 6293 3679
   Email: garygoh@accountscan.com.sg
10. GOVERNING LAW
    10.1. This policy shall be governed in all respects by the laws of Singapore.