PRIVACY POLICY

1. OBJECTIVES


The purpose of this privacy policy is to notify individuals of the purposes for which Silicon Box Pte Ltd (UEN: 202117750K) and/or its related corporations (collectively, the "Companies"), as well as their respective representatives and/or agents ("Representatives") (the Companies and Representatives collectively referred to herein as "us", "we" or "our") may collect, use, disclose, and/or process personal data. The policy will also provide you with more information on the basis upon which we may lawfully collect, use and/or disclose your Personal Data without your consent, where permitted by applicable law, and our use of cookies and similar technologies. 


The privacy policy is intended to be published on our website at https://www.silicon-box.com/privacy-policy or such other URL as we may designate from time to time. 


2. SCOPE


This privacy policy applies to all collection, use, disclosure, and/or processing of Personal Data (as defined hereinafter) by the Companies and Representatives. 


For processing of personal data relating to data subjects in Italy carried out by Silicon Box S.r.l (F.C. 13484950962), Silicon Box Pte Ltd, and/or their related corporations, this privacy policy is supplemented by a specific Addendum for processing of Personal Data subject to Italian jurisdiction as set out in Annex A ("Italian Addendum") and should be read and interpreted together with the Italian Addendum. In the event of any inconsistency or conflict between the provisions of this privacy policy and the Italian Addendum, the Italian Addendum shall prevail with respect to the processing of Personal Data subject to Italian jurisdiction. 


For processing of personal data relating to data subjects in the United States carried out by the Companies, this privacy policy is supplemented by a specific United States Addendum as set out in Annex B ("US Addendum") and should be read and interpreted together with the US Addendum. In the event of any inconsistency or conflict between the provisions of this privacy policy and the US Addendum, the US Addendum shall prevail with respect to the processing of personal data relating to data subjects in the United States or carried out by Silicon Box or its related companies in the United States to which the above regulations apply. 


3. REVISION HISTORY

  • Revision 1

    Description of Change

    Initial release


    Originator / Department

    Data Protection Officer / Legal


    Revision Date

    2024-Oct-24

  • Revision 2

    Description of change:

    1. Update Objectives and Scope in Sections 1 and 2. 
    2. Update Section 5.2 Definitions 
    3. Addition of Italian Addendum and US Addendum in Annex A and B. 
    4. Update Sections 7.8.2, 7.8.4 and 7.8.5 relating to cookies and similar technologies 

    Originator / Department:

    Dataprotection Officer


    Revision Date:

    2025=Jun-18

4. REFERENCE DOCUMENTS



NA


5. GENERAL INFORMATION 


5.1  RESPONSIBILITY

Legal Department is the owner of this document and shall be responsible for regularly updating this document and ensuring that it remains accurate. 

5.2 DEFINITIONS

Definition & Terms Description
Companies Silicon Box Pte Ltd (UEN: 202117750K) and/or its related corporations
Personal Data has the meaning given to it in paragraph 7.2.1.
Representatives the Companies and their respective representatives and/or agents

6. SAFETY

NA


7. PROCEDURE


7.1          FOREWORD


By interacting with us, submitting information to us, or signing up for any products or services offered by us, you agree and consent to collecting, using, disclosing and sharing amongst ourselves your Personal Data, and disclosing such Personal Data to our authorised service providers and relevant third parties in the manner and for any of the purposes set forth in this Privacy Policy. 


This Privacy Policy supplements but does not supersede nor replace any other consents you may have previously provided to us in respect of your Personal Data, and any consents you may have provided in connection with this Privacy Policy are cumulative and additional to any rights which we may have under applicable law to handle or process your Personal Data. 


We reserve the right to update or modify this Privacy Policy from time to time, and send you notification of updates to this Privacy Policy in any form as we may deem appropriate. While you should regularly check this Privacy Policy, we may also inform you of how we process your Personal Data by publishing (or amending) this Privacy Policy and, where required by applicable law, by posting a notice, or reaching you via other forms of communication (e.g. sending you an SMS message or email, or giving you a phone call) according to such contact particulars that we may have of you in our records from time to time. You may also contact us in the manner disclosed in this Privacy Policy to learn about our handling or processing of your Personal Data. 


We may from time to time update this Privacy Policy to, for example, ensure that this Privacy Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. To the maximum extent permissible under applicable law, you agree to be bound by the prevailing terms of this Privacy Policy as may be updated from time to time on our website (https://www.silicon-box.com), and/or as you may be notified. Hence, please check back regularly for updated information on our handling or processing of your Personal Data. 



7.2 PERSONAL DATA 


7.2.1       In this Privacy Policy, "Personal Data" refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.


7.2.2.    Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us), your name, email address, phone number, and any other information relating to any individuals which you have provided us in any forms you may have submitted to us (including in the form of biometric data), or via other forms of interaction with you. 


7.3 COLLECTION OF PERSONAL DATA 


7.3.1      Generally, we collect Personal Data in the following ways: 

  1. when you submit an employment application or when you provide documents or information including your resume and/or curriculum vitae in connection with any appointment or position; 
  2. when you interact with our staff or Representatives, for example, via telephone calls (which may be recorded), letters, fax, face-to-face meetings and email; 
  3. when we seek information about you and receive your Personal Data in connection with your relationship with us, including for our services and/or job applications, for example, from business partners, public agencies, your ex-employer and the relevant authorities; 
  4. when you enter into any agreement or provide other documentation or information in respect of your interactions and transactions with us, or when you purchase our goods or use our services; 
  5. when you use our electronic services, or interact with us via our websites and platforms or use services and/or features on our websites and platforms; 
  6. when you share comments or feedback with us; and/or; 
  7. when you submit any form to us or provide your Personal Data to us for any other reason. 


7.3.2      If you provide us with any Personal Data relating to a third party (e.g. information on your customers, spouse, children, parents, and/or employees), by submitting such information to us, you represent to us that you have obtained the consent of such third party to you providing us with their Personal Data, and for the collection, use and disclosure of their Personal Data for all purposes set out in our herein and by or for the benefit of the persons referenced herein. 


7.3.3      You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with any products and/or services you have requested. 


7.4         PURPOSES FOR THE COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA 


7.4.1      Generally, we collect, use and disclose your Personal Data for the following purposes: 

  1. managing the administrative and business operations of the Companies and complying with internal policies and procedures; 
  2. facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales) involving any of the Companies; 
  3. providing you with goods and/or services which you have purchased or requested to receive, or otherwise as necessary to perform any contractual obligations owed to you or third parties; 
  4. responding to, processing and handling your queries, requests, feedback and suggestions, or otherwise providing customer support; 
  5. verifying your identity or matching any Personal Data held which relates to you for any of the purposes listed herein; 
  6. managing and preparing reports on incidents and accidents, preventing, detecting and investigating crime, including fraud and money-laundering or terrorist financing, and analysing and managing commercial risks; 
  7. providing media announcements and responses;
  8. in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations; 
  9. complying with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities; and/or; 
  10. any other purpose relating to or reasonably necessary for any of the above. 


7.4.2      In addition, we may collect, use and disclose your Personal Data for the following purposes depending on the nature of our relationship:


  1. communicating with you and informing you of changes and development to our policies, terms and conditions and other administrative information; 
  2. if you submit any application to us as a candidate for employment: (i) conducting interviews; (ii) processing your application which includes pre-recruitment checks involving your qualifications and facilitating interviews; (iii) providing or obtaining employee references and for background screening; (iv) assessing your suitability for the position applied for; (v) processing staff referrals; and/or (vi) any other purposes relating to any of the foregoing; and/or; 
  3. processing of your Personal Data in relation to any of the purposes stated above.

 

7.4.3      In relation to particular products or services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use and/or disclose your Personal Data. If so, we will collect, use and/or disclose your Personal Data for these purposes as well. 


7.5         DISCLOSURE OF PERSONAL DATA 


7.5.1      Subject to applicable law, your Personal Data may be provided, for the purposes listed above (where applicable), to the following persons, whether they are located overseas or in Singapore: 

  1. our related corporations; 
  2. agents, contractors, vendors, and third party service providers (including software providers) who provide services to us; 
  3. any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or any debt or asset sale) involving any of the Companies; 
  4. our professional advisers such as our board of directors, auditors and lawyers; 
  5. relevant government regulators, government ministries, statutory boards or authorities and/or law enforcement agencies, to comply with any directions, laws, rules, guidelines, regulations or schemes issued or administered by any of them; 
  6. any other party to whom you authorise us to disclose your Personal Data to. 


7.6         DEEMED CONSENT


7.6.1        In addition to the matters set forth above, subject to and in accordance with applicable law, you shall be deemed to have consented to us collecting, using, disclosing and sharing amongst ourselves your Personal Data, and disclosing such Personal Data to our authorised service providers and relevant third: 

  1. where in response to a request for your Personal Data in connection with identified purposes, you voluntarily provide such Personal Data to us for such purpose(s) and it is reasonable that you would voluntarily provide such Personal Data; and 
  2. where the collection, use and/or disclosure of your Personal Data is reasonably necessary for the conclusion and/or performance of a contract, between you and us or any other organisation entered into at your request, which may include recipients of your Personal Data not indicated in this Privacy Policy. 


7.7         OTHER BASES FOR HANDLING OR PROCESSING YOUR PERSONAL DATA 


7.7.1      In addition to and without limiting the consents you have provided to our collection, use and/or disclosure of your Personal Data for the purposes set out elsewhere in this Privacy Policy, where permitted by applicable law, we may also in accordance the requirements thereof also collect, use and/or disclose your Personal Data as further detailed below including without consent, where we meet the requirements of applicable law: 


  1. for our legitimate interests or the legitimate interests of another person (but not for sending you direct marketing messages unless you have otherwise provided your consent), including without limitation for the following purposes: 
  2. any investigations or proceedings; 
  3. fraud detection and prevention; 
  4. entering into, managing or terminating an employment relationship or appointment; and 
  5. detection and prevention of misuse of services by users; and 
  6. we may collect your Personal Data from any of the Companies, we may use your Personal Data, and any of the Companies may disclose your Personal Data to us, for improving our products, services, processes or business, understanding customer preferences and personalising experiences and recommendations (regardless whether you have an existing or prospective relationship with any of the Companies). 


7.8         USE OF COOKIES AND RELATED TECHNOLOGIES


7.8.1      You agree and acknowledge that our websites and platforms may include analytics code and other tools that may allow us to gather information on any use of any of our websites and platforms, and may include use of cookies, running of verification and compliance analysis and/or use of data capture, syndication analysis, and/or other similar tools to track, extract, compile, aggregate, archive, disclose or otherwise analyse any data and/or information resulting from any person's access to and/or use of any of our websites and platforms, and further that: (a) we shall retain all rights, title and interest in and to all such gathered information and data; (b) you shall not disable or interfere with any such analytics code and tools; and (c) any intellectual property rights of or in the results of such analytics shall vest solely in us. For the avoidance of doubt, we may monitor, track and share with third parties your geo-location information obtained by any of our websites and platforms for safety, security, technical, marketing and commercial purposes, including to provide and improve our products and services.


7.8.2      For example, our websites and platforms may use cookies and other technologies. In this regard:


  1. Cookies are small data files stored in your computing or other electronic devices when you visit our website and platforms for record keeping purposes. Cookies may be stored in your browser's file directory, and the next time you visit the website or platform, your browser may read the cookie and relay the information back to the website, platform or element that originally set the cookie. Depending on the type of cookie it is, cookies may store user preferences and other information. Cookies are widely used by website owners in order to make their websites work, or work more efficiently, as well as to provide reporting information. 
  2. Cookies set by the website owner (in this case, by us) are called "first-party cookies". Cookies set by persons other than us are called "third-party cookies". Third-party cookies can enable third-party features or functionalities to be provided on or through the website (such as interactive content and analytics). The persons who set third-party cookies may be able to recognise your device both when it visits our website and platforms, and also when it visits certain other websites. We may use information from third party cookies to compile statistics about visitors who interact with the websites, platforms and our other online content, to gauge the effectiveness of our communications, and to provide more pertinent information to our visitors.
  3. Web beacons (also known as pixel tags and clear GIFs) involve graphics that are not apparent to the user. Tracking links and/or similar technologies may consist of a few lines of programming code and can be embedded in our websites or platforms. Web beacons are usually used in conjunction with cookies and primarily used for statistical analysis purposes. This technology can also be used for tracking traffic patterns on websites and platforms, as well as finding out if an e-mail has been received and opened and to see if there has been any response.


7.8.3      Without limiting the generality of the foregoing, we may employ cookies and other technologies as follows: 


  1. tracking information such as the number of visitors and their frequency of use, profiles of visitors and their preferred sites; 
  2. making our websites and platforms easier to use. For example, cookies may be used to help speed up your future interactions with our websites and platforms; 
  3. to better tailor our products and services to your interests and needs. For example, cookies information may be identified and disclosed to our vendors and business partners to generate consumer insights; 
  4. collating information on a user's search and browsing history; 
  5. when you interact with us on our websites and platforms, we may automatically receive and record information on our server logs from your browser. We may collect for the purposes of analysis, statistical and site-related information including, without limitation, information relating to how a visitor arrived at the website or platform, the browser used by a visitor, the operating system a visitor is using, a visitor's IP address, and a visitor's click stream information and time stamp (which may include for example, information about which pages they have viewed, the time the pages were accessed and the time spent per web page, and other actions); 
  6. using such information to understand how people use our websites and platforms, and to help us improve their structure and contents; 
  7. using cookies that are necessary in order to enable our websites and platforms to operate, for example, cookies that enable you to log onto secure parts of our websites and platforms; and/or; 
  8. personalising the website and platform for you, including delivering advertisements which may be of particular interest to you and using cookie related information to allow us to understand the effectiveness of our advertisements. 


7.8.4      Cookies required for technical reasons in order for our websites and platforms to operate are referred to as "essential" or "strictly necessary" cookies. Other cookies may allow us to track users and enhance their experience, and/or for analytics and other purposes. 


7.8.5      The types of first and third-party cookies served through our websites and platforms are described in the table below:

Essential cookies and related technologies 

These cookies and related technologies are strictly necessary to provide you with services availab

Name Details
dm_timezone_offset Purpose This cookie stores your timezone information. It helps us display time-sensitive content correctly for your location, without collecting other personal information or creating a detailed user profile. For example, we may show event times or availability in your local time while respecting your privacy.
Provider www.silicon-box.com
Service Duda
Type http_cookie
Expires in 15 days
dm_last_visit Purpose This cookie tracks when you last visited our website. It allows us to provide basic site customization based solely on your visit timing, without other collecting personal information or creating a detailed user profile. For example, we may show you what's new since your last visit or adjust certain features based on visit frequency.
Provider www.silicon-box.com
Service Duda
Type http_cookie
Expires in 11 months 30 days
dm_this_page_view Purpose This cookie records when you first viewed our page. It helps us provide basic site customization based solely on when you initially visited, without collecting other personal information or creating a detailed user profile. For example, we may adjust certain features for first-time visitors or returning users while respecting your privacy.
Provider www.silicon-box.com
Service Duda
Type http_cookie
Expires in 11 months 30 days
dm_total_visits Purpose This cookie tracks the number of times you've visited our website. It helps us provide basic site customization based solely on your visit frequency, without collecting personal information or creating a detailed user profile. For example, we may adjust certain features for new versus returning visitors while respecting your privacy.
Provider www.silicon-box.com
Service Duda
Type http_local_storage
Expires in 11 months 30 days
csrf_token Purpose Protects against hacking and malicious actors.
Provider www.silicon-box.com
Type http_cookie
Expires in 29 days

Performance and functionality cookies 

These cookies are used to enhance the performance and functionality of our Website but are non-essential to their use. However, without these cookies, certain functionality (like videos) may become unavailable. 

Name Details
_Secure-ROLLOUT_TOKEN Purpose Used by YouTube to manage the phased rollout of new features and updates
Provider youtube.com
Service Youtube
Type server_cookie
Expires in 5 months 27 days
VISITOR_PRIVACY_METADATA Purpose To store the user's cookie consent state for the current domain
Provider youtube.com
Service Youtube
Type server_cookie
Expires in 5 months 27 days

Analytics and customisation cookies and related technologies 

These cookies and related technologies may be used to collect information that is used either in aggregate form to help us understand how our websites and platforms are being used, or to help us customize our websites and platforms to you. 

Name Details
_ga Purpose Creates a unique ID to track and identify individual users on a website, enabling Google Analytics to track user behaviour across sessions and multiple pageviews.
Provider www.silicon-box.com
Service Google Analytics
Type http_cookie
Expires in 1 year 1 month 4 days
s7 Purpose Gather data regarding site usage and user behaviour on the website
Provider www.silicon-box.com
Service Adobe Analytics
Type html_local_storage
Expires in persistent
_ga_# Purpose Used to distinguish individual users by means of designation of a randomly generated number as client identifier, which allows calculation of visits and sessions
Provider www.silicon-box.com
Service Google Analytics
Type http_cookie
Expires in 1 year 1 month 4 days
_cohortld Purpose This cookie assigns you to a group (cohort) of users with similar browsing patterns. It helps us deliver more relevant content while protecting your individual privacy. Unlike traditional tracking cookies, it doesn't identify you personally but rather places you in a broader interest-based category. This cookie is stored temporarily in your browser's session storage and expires when you close your browser.
Provider www.silicon-box.com
Service Duda
Type http_session_storage
Expires in End of user session
NID Purpose Set by Google to set a unique user ID to remember user preferences. Persistent cookie that stays for 182 days.
Provider .google.com
Service Google (View Service Privacy Policy)
Type server_cookie
Expires in 6 months

Advertising cookies and related technologies 

These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests. 

Name Details
test_cookie Purpose A session cookie used to check if the user's browser supports cookies.
Provider doubleclick.net
Service DoubleClick
Type server_cookie
Expires in 15 minutes
VISITOR_INFO1_LIVE Purpose YouTube is a Google-owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites. Used by Google in combination with Session ID (SID) to verify Google user account and most recent login time.
Provider youtube.com
Service YouTube
Type server_cookie
Expires in 5 months 27 days
YSC Purpose YouTube is a Google-owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile da ta from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites. Used by Google in combination with Session ID (SID) to verify Google user account and most recent login time.
Provider youtube.com
Service YouTube
Type server_cookie
Expires in 5 months 27 days

7.8.6.     We may also collect information about your precise or approximate location as determined through data such as your IP address or mobile device's GPS to offer you an improved user experience. Most mobile devices allow you to control or disable the use of location services for applications in the device's settings menu. 


7.8.7      If you do not agree to such use of cookies, you can adjust your browser settings. Unless you have adjusted your browser settings to block cookies, our system will issue cookies as soon as you visit our site or click on a link in a targeted email that we have sent you, even if you have previously deleted our cookies. 


7.8.8.     The way which cookies can be managed depends on your browser. Please check with your browser provider on how you may configure or disable cookies on your browser. 


7.8.9.     If you do not agree to our use of cookies and other technologies as set out in this Privacy Policy, you should delete or disable the cookies associated with our websites and platforms by changing the settings on your browser accordingly. However, you may not be able to enter certain part(s) of our websites or platforms. This may also impact your user experience while on our websites or platforms. 


7.9. DATA SECURITY


7.9.1    We cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that no harmful code will enter our website (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with websites.


7.9.2    We cannot ensure the security of the information you transmit to us via the Internet, and we urge you to take every precaution to protect your Personal Data when you use our platforms. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.


7.10 THIRD-PARTY SITES 


7.10.1      Our website may contain links to other websites operated by third parties. We are not responsible for the privacy practices of websites operated by third parties that are linked to our website. We encourage you to learn about the privacy policies of such third-party websites. Some of these third-party websites may be co-branded with our logo or trademark, even though they are not operated or maintained by us. Once you have left our website, you should check the applicable privacy policy of the third-party website to determine how they will handle any information they collect from you. 


7.10.1      Our website may contain links to other websites operated by third parties. We are not responsible for the privacy practices of websites operated by third parties that are linked to our website. We encourage you to learn about the privacy policies of such third-party websites. Some of these third-party websites may be co-branded with our logo or trademark, even though they are not operated or maintained by us. Once you have left our website, you should check the applicable privacy policy of the third-party website to determine how they will handle any information they collect from you. 


7.11        CONTACTING US – QUESTIONS, FEEDBACK, WITHDRAWAL OF CONSENT, ACCESS AND CORRECTION OF YOUR PERSONAL DATA 


7.10.1      If you:

  1. have any questions or feedback relating to your Personal Data or our Privacy Policy, including without limitation our reliance on the legitimate interests and/or deemed consent bases of collecting, using and/or disclosing your Personal Data as described in this Privacy Policy; 
  2. would like to withdraw your consent to any use of your Personal Data as set out in this Privacy Policy; or 
  3. would like to obtain access and make corrections to your Personal Data records, please write to our Data Protection Officer (DPO) via the contact details set out below.


7.11.2      You may also write to our DPO as follows: 


Data Protection Officer 

Silicon Box Pte Ltd 

dpo@silicon-box.com  


Please note that if your Personal Data has been provided to us by a third party, you should contact such party directly to make any queries, feedback, and access and correction requests to us on your behalf. 


7.11.3      You may withdraw your consent as provided under PDPA. However, if you withdraw your consent to any or all collection, use, and/or disclosure of your Personal Data, depending on the nature of your request, we may not be in a position to continue to provide our products or services to you, administer any contractual relationship already in place, or perform or conclude an existing or prospective agreement. This may also result in the termination of any agreements you have with us, and your being in breach of your contractual obligations or undertakings. Our legal rights and remedies in such event are expressly reserved. 


7.11.4      If you would like to change your cookie preferences, click the 'Consent Preferences' link below:

7.12 GOVERNING LAW


7.12.1    This Privacy Policy and your use of this website shall be governed by the laws of Singapore.


ANNEX A


ITALIAN ADDENDUM TO THE PRIVACY POLICY  
(FOR PROCESSING OF PERSONAL DATA SUBJECT TO ITALIAN JURISDICTION) 

 

This Addendum is supplemental to the Privacy Policy and applies only to the processing of Personal Data subject to Italian jurisdiction and carried out by Silicon Box S.r.l. (F.C. 13484950962), Silicon Box Pte Ltd (UEN: 202117750K), and their related corporations (collectively, the "Companies"), each acting as autonomous controller. The list of Companies processing your Personal Data can be requested by writing to our DPO at the contact details indicated below. 

 

The Privacy Policy, as supplemented by this Addendum, is to be intended as information notice pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 ("GDPR"). 

 

With regard to the processing of Personal Data related to data subjects in the European Union (including Italy), data subjects may contact our DPO at the following e-mail address: 

 

Email address: dpo@silicon-box.com 


Attention: Data Protection Officer 

 

In the event of any inconsistency or conflict between the provisions of the Privacy Policy and this Addendum, this Addendum shall prevail with respect to the processing of Personal Data subject to Italian jurisdiction. 


1.            PERSONAL DATA


1.1      In this Privacy Policy, “Personal Data” has the meaning given under Article 4(1) of the GDPR. 


1.2      In addition to the Personal Data you provide to us, we may also collect Personal Data through third parties or public sources. Examples of such Personal Data include information on professional life or business activity (such as education data and previous work experience, possible registration with professional associations and sector of activity), commercial information (such as balance sheet data, chamber of commerce information, financial reports and information relating to protests or insolvency proceedings) and any other information relevant to assessing work or technical suitability, reputation, or compliance with applicable regulations.


2.          COLLECTION OF PERSONAL DATA 


2.1      You may choose not to provide us with your personal data. However, depending on the circumstances, this may be a breach of your obligations under applicable law or your contractual obligations owed to us or third parties, and we may not be able to fulfil your requests, or enter into a contract or transaction with you. 


3.           Purposes for the Collection, Use and Disclosure of Your Personal Data 


3.1      Personal Data is retained for specific periods not exceeding the maximum periods established by law or the periods of time necessary to achieve the purposes of the processing. Detailed information on the retention periods of Personal Data can be requested by writing to our DPO at the contact details indicated above. 


4.           DISCLOSURE OF PERSONAL DATA 


4.1      We may transfer your Personal Data outside the European Economic Area (EEA), in the absence of an adequacy decision and without any of the exceptions set out in Article 49 of the GDPR, on the basis of the standard contractual clauses set out in Article 46(2)(c) and (d) of the GDPR. 


5.          DEEMED CONSENT


5.1      If we rely on your consent to process your Personal Data, we will do so in accordance with the GDPR, such as where you have expressed your consent through a statement or a clear affirmative action. 


6.          OTHER Bases for HANDLING OR Processing Your Personal Data 


6.1      Processing of Personal Data is based on:


6.1.1.      the fulfilment of contractual or pre-contractual obligations, pursuant to Article 6(1)(b) of the GDPR, with reference to the purposes under paragraphs 7.4.1(c), 7.4.1(d) and 7.4.2(b) of the Privacy Policy;


6.1.2.     the fulfilment of the legal obligations to which we are subject, pursuant to Articles 6(1)(c) and 9(2)(b) of the GDPR, with reference to the purposes under paragraphs 7.4.1 (a), 7.4.1(i) and 7.4.2(b) of the Privacy Policy;


6.1.3.      our legitimate interests or the legitimate interests of another person, with reference to the purposes under paragraphs 7.4.1(a), 7.4.1(b), 7.4.17.3.1(e), 7.4.1(f), 7.4.1(g), 7.4.1(h), 7.4.2(a) of the Privacy Policy; or


6.1.4.      your consent pursuant to Article 6(1)(a) of the GDPR, with reference to the sending of direct marketing messages. 


7.           Use of Cookies and Related Technologies 


7.1     For allowing us to use cookies and other technologies (other than those that are necessary for the functioning of our websites and platforms) as set out in this Privacy Policy, you should expressly provide your consent by clicking on the “accept” button in the cookie banner displayed on the homepage. If you do not agree to our use of such cookies and technologies, you can either click on the “refuse” button or close the cookie banner without making any choice. You can also set the specific categories of cookies and other technologies you consent us to use by clicking on the “customise” button in the cookie banner. 


7.2      Detailed information on the cookies or other technologies used in our websites or platforms, including information regarding the provider and the duration of each cookie or technology, is available by accessing the dedicated section in the cookie banner. 


8.           Data Security measures 


8.1       We adopt appropriate technical and organizational measures to ensure an adequate level of protection for the Personal Data against the risks of destruction, loss, or alteration (whether accidental or unlawful), as well as unauthorized disclosure or access. 


9.          Contacting Us – QUESTIONS, Feedback, Withdrawal of Consent, Access and Correction of your Personal Data 


9.1        Pursuant to Articles 15 to 21 of the GDPR, you have the right to: 


9.1.1.      be informed about the purposes and methods of processing your Personal Data; 

9.1.2.      access to your Personal Data; 

9.1.3.      rectify incomplete, inaccurate or outdated Personal Data;

9.1.4.      obtain the erasure of your Personal Data; 

9.1.5.      obtain, in the cases provided for by law, the restriction of the processing of your personal data; and

9.1.7.       obtain, if technically feasible, portability of your Personal Data.


You may exercise these rights by writing to our DPO via the contact details set out above.   


9.2          In addition, you have the right to lodge a complaint with the Garante per la Protezione dei Dati Personali (www.garanteprivacy.it) if you consider that your rights under the GDPR have been breached. 


ANNEX B

US ADDENDUM TO THE PRIVACY POLICY 
(FOR PROCESSING OF PERSONAL DATA BY SILICON BOX OR ITS RELATED COMPANIES IN THE UNITED STATES) 

 

This US Addendum is intended to be a part of the Privacy Policy. All capitalized terms shall have the meaning set forth in the Privacy Policy, unless otherwise indicated herein. 

 

Our websites, products and services are not meant for children under the age of 18 years old. We do not knowingly collect personally identifiable information from children under the age of 18 without permission from a parent or guardian. If you are a parent or legal guardian and think your child under 18 has given us information, you can contact us via the contact information below or in our Privacy Policy. Please mark your inquiries “COPPA Information Request.” 

 

In the event of any inconsistency or conflict between the provisions of the Personal Data Protection Policy and this US Addendum, this US Addendum shall prevail with respect to the processing of personal data relating to data subjects in the United States or carried out by Silicon Box or its related companies in the United States to which the regulations below apply. 


1.           Your California and Texas Privacy Rights 


1.1      The California Consumer Privacy Act (the “CCPA”) and California Privacy Rights Act (the “CPRA”), as well as the Texas Data Privacy and Security Act (“TDPSA” and, collectively with the CCPA and CPRA, the “California and Texas Consumer Privacy Laws”) provide California and Texas residents with certain rights regarding their personal information that is collected by businesses, including the right to request information regarding the collection, use, sale, and disclosure of their personal information, the right to request the deletion of their personal information and other rights. This section provides information about the California and Texas Consumer Privacy Laws and about the type of personal information SB collects and shares with other companies. It also explains how you can make requests to SB regarding your personal information. Any terms defined in the California and Texas Privacy Laws have the same meaning when used in this section. SB allows residents of any state to exercise the rights contained in this California and Texas Privacy Rights section. 


1.2     This California and Texas Privacy Rights section describes your rights under the California and Texas Consumer Privacy Laws, explains how you may exercise your rights, and provides an overview on the types of personal information we collect. 


2.           RIGHTS AND CHOICES


2.1         Right to Know What Personal Information is Collected About You and How It Is Used 


2.1.1.      You have the right to know what categories and specific pieces of personal information we collect about you, the sources from which we collect personal information, our business or commercial purpose for the collection, use, and sharing of your personal information, and any categories of third parties to whom we sell or with whom we share your personal information.  You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (a “Right to Know Request”). Once we receive and confirm your verifiable consumer request, we will disclose to you: 


  • The categories of personal information we collected about you. 
  • The categories of sources for the personal information we collected about you. 
  • Our business or commercial purpose for collecting or selling that personal information. 
  • The categories of third parties with whom we share that personal information. 
  • The specific pieces of personal information we collected about you. 
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing: 
  • The categories of personal information that we have sold about you, and the categories of third parties to whom the personal information was sold. 
  • The categories of personal information we have disclosed about you for a business purpose. 


2.2        Right to Delete Personal Information 

2.1.1.      You have the right to request that SB delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request) we will delete, and direct our service providers to delete, your personal information from our records, unless an exception applies.


2.1.2.      We may deny your deletion request if retaining the information is necessary for us, or our service providers, to: 

 

  • Complete the transaction for which we collected the personal information, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you; 
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; 
  • Debug to identify and repair errors that impair existing intended functionality; 
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law; 
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.); 
  • Enable solely internal uses that are reasonably aligned with expectations based on your relationship with us; 
  • Comply with a legal obligation; or 
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it or in line with applicable laws. 
  • Enable solely internal uses that are reasonably aligned with expectations based on your relationship with us; 
  • Comply with a legal obligation; or 
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it or in line with applicable laws. 


2.3.       Right to Data Portability 


2.3.1      You have the right to request that SB provide you with a copy of personal information we have collected and maintained about you in the past 12 months. California and Texas Consumer Privacy Laws allow you to request your information from us up to twice during a twelve (12) month period.  We will provide our response in a readily usable format, which is usually electronic.


2.4.       Right to Correct 


2.4.1      You have the right to request that SB correct any personal information we retain about you. 



3.           Exercising Right to Know, Right to Delete, Right to Data Portability, and Right to Correct Requests


3.1       To exercise your Right to Know, Right to Data Portability, Right to Correct, or Right to Delete as described above, please submit a verifiable consumer request to us by either: 

  • Calling us at +65 6973 3330; or 
  • Sending an email to dpo@silicon-box.com


3.2       Only you, or your authorized agent, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. 


3.3      The verifiable consumer request must: 

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and 
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. 


3.4      We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.


3.5     To use an authorized agent to make a verifiable consumer request, you must provide the authorized agent written authorization to do so. You may also be required to verify your own identity directly with us. SB may deny a request from an authorized agent that does not submit proof that they have been authorized to act on your behalf. Such requirements, however, will not apply where you have provided the authorized agent with power of attorney pursuant to Cal. Probate Code §§ 4000 to 4465. 


3.6     Upon receiving a Request to Know or a Request to Delete, we will confirm receipt within 10 days and provide information about how we will process the request, how we will verify your identity, and when you should expect a response (except in cases in which we have already granted or denied the request). We endeavour to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Upon receiving a Request to Know or a Request to Delete, we will confirm receipt within 10 days and provide information about how we will process the request, how we will verify your identity, and when you should expect a response (except in cases in which we have already granted or denied the request). We endeavour to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. 


3.7        Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable 


4.           NON-DISCRIMINATION


4.1          We will not discriminate against you for exercising any of your California rights. Unless permitted by California law, we will not: 

  • Deny you goods or services. 
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties. 
  • Provide you a different level or quality of goods or services. 
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services. 


5.          Shine the Light Law 


5.1         Under California Civil Code Section 1798.83 (“Shine the Light”), if you reside in California, you have the right to ask us one time each year if we have shared personal information with third parties for their direct marketing purposes. To make a request, please send an email to dpo@silicon-box.com. Indicate in your letter that you are a California resident making a “Shine the Light” inquiry.


6.           Your Nevada Rights 

6.1         Nevada law allows consumers to request that their data not be sold (as defined in the Nevada privacy law) even if their data is not currently being sold. Requests may be submitted by email to dpo@silicon-box.com. 


Last updated: 11/07/2025

We reserve the right to periodically amend or revise the Privacy Policy; material changes will be effective immediately upon the display of the revised Privacy policy. The last revision will be reflected in the "Last modified" section. Your continued use of the Platform, following the notification of such amendments on our website, constitutes your acknowledgment and consent of such amendments to the Privacy Policy and your agreement to be bound by the terms of such amendments.