Download Area Login

Documentation Area Login

Privacy Policy

Effective date: 10 July 2019 | Last updated: 3 March 2026

Please read through this privacy policy ("Privacy Policy") carefully as it explains to you how Esprow Pte. Ltd. (UEN No. 200804918D), a company duly incorporated in Singapore ("Esprow", "we", "us", "our" as the context permits), collects, uses, discloses, retains and otherwise processes Personal Data.
"Personal Data" means data, whether true or not, about a person who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access. However, Personal Data does not include information that has been made anonymous or aggregated so that it can no longer be used to identify a specific person, whether in combination with other information or otherwise.
By accessing, visiting, browsing and/or using the Website and/or the Service, you consent to us collecting, using, disclosing, storing and processing your Personal Data as described in this Privacy Policy. If you do not agree with any of its terms, you should immediately discontinue use of the Website and/or Service.
In this Privacy Policy, "include" (and its derivatives, such as "including" and "includes") means to include without limitation and every occurrence of this term shall be construed as defined aforesaid, whether or not capitalized. Unless otherwise defined, capitalized terms used in this Privacy Policy have the same meanings given to them in our Terms of Use.

1. Data Collection Policy

1.1 What data do we collect?
We (or service providers acting on our behalf) may collect the following categories of Personal Data:

  1. Identity data: full name, job title, company name.
  2. Contact data: email address, telephone number, country of residence.
  3. Communications data: records of correspondence when you contact us via email, web forms, phone or mail — used to respond to and manage your queries, requests, feedback and submissions.
  4. Technical data: IP address, browser type and version, operating system, device identifiers, time zone setting — collected automatically when you access the Website.
  5. Usage data: pages visited, links clicked, access dates and times, referring URLs — used to analyze and improve the Website and Service.
  6. Career data: CV, cover letter, qualifications and other information you submit when applying for a job through our careers page — used to assess your suitability for career opportunities at Esprow.

1.2 How do we collect your data?
We collect data through the following methods:

  1. Directly from you: when you fill in a contact form, subscribe to our newsletter, register for an account, request a product demonstration, download a resource, or otherwise communicate with us.
  2. Automatically: through cookies, server logs and similar technologies when you browse our Website. For detailed information on the cookies we use, please see our Cookie Policy.
  3. From third parties: where a third party authorized by you provides your Personal Data to us, or where permitted by applicable law.

We generally do not collect your Personal Data unless:

  1. it is provided to us voluntarily by you directly or via a third party who has been duly authorized by you to disclose your Personal Data to us (your "authorized representative"), you (or your authorized representative) have been notified of the purposes for which it is collected and you (or your authorized representative) have provided your consent to its collection and usage for such purposes (by virtue of this Privacy Policy or a separate consent process);
  2. it is provided to us voluntarily by you for a purpose, and it is reasonable in the circumstances that you are deemed to have consented to our collection, use and disclosure of that Personal Data for that purpose; or
  3. collection and use of Personal Data without consent is permitted or required by applicable laws.

1.3 How will we use your data?
Apart from the purposes described above, we may generally use your Personal Data for the following purposes:

  1. performing obligations in the course of or in connection with our provision of the services requested by you;
  2. providing you with personalized services and/or to customize your user experience of the Website and/or Service;
  3. verifying your identity;
  4. responding to, handling, and processing queries, requests, applications, complaints, feedback and Submissions from you;
  5. generally administering and/or managing your relationship with us;
  6. processing payment or credit transactions;
  7. maintaining records of your instructions and our interactions with you;
  8. internal reporting and analysis related to our business operations;
  9. sending you information on any updates or changes to the Website and/or Service (including notifying you of any planned or unscheduled downtime) and/or Subscription Plans;
  10. sending you information on any updates or changes to our Terms, Policies and/or other legal or administrative information;
  11. sending you updates and publications (including our newsletters), or advertising, marketing and promotional communications (including updates on our Promotions), where you have requested or consented to be on our mailing list or to receive such communications respectively;
  12. any other purposes for which you have provided the information;
  13. any other incidental business and/or administrative purposes related to or in connection with the above; and/or
  14. such as we believe to be necessary and/or appropriate to:
    1. comply with applicable laws, regulations, guidelines and/or codes of conduct (or any request or direction of any public, government or regulatory authorities, including those outside your country of residence);
    2. comply with legal process (including assisting in law enforcement and investigations conducted by any governmental and/or regulatory authority);
    3. protect the rights, privacy, safety property and/or operations of any person (including us and any person accessing and/or using the Website and/or Service);
    4. protect the safety or integrity of the Website and/or Service (including to help prevent spam, abuse, or malicious actors on the Website and/or Service);
    5. prevent, detect, mitigate and investigate potentially illegal acts, fraud and/or security breaches and to assess and manage risk, including to alert you if fraudulent activities have been detected on your Account(s);
    6. enforce terms and conditions applicable to the Website and/or Service; and/or
    7. allow us to pursue available remedies or limit the damages we may sustain;
  15. transmitting to any unaffiliated third parties including our third-party service providers, agents and other organizations we have engaged, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes.

1.4 How do we store your data?
We store your Personal Data on secure servers located in Singapore and the United States of America, hosted by reputable third-party infrastructure providers. We implement the following safeguards:

  1. Encryption: data is encrypted in transit using TLS (Transport Layer Security) for all connections to our Website and services.
  2. Access controls: access to Personal Data is restricted to authorized personnel on a need-to-know basis, using role-based access controls and the principle of least privilege.
  3. Retention: we retain your Personal Data only for as long as is necessary to fulfil the purposes for which it was collected, as required or permitted by applicable laws (including legal, regulatory, accounting or other requirements), or as we deem necessary to protect our legitimate interests. When retention is no longer necessary, we will securely delete or anonymize your Personal Data.
  4. Regular assessments: we conduct periodic security assessments and reviews of our data protection practices.

2. Share and Disclosure of Information to Third Parties

Apart from the service providers identified in Section 1 above, we may share your Personal Data in the ordinary course of our business with other third parties to use on our behalf for purposes that are consistent with this Privacy Policy (including any of the purposes set out in Section 1.3 above). Such third parties include:

  1. if you are an End-User, your Company and other End-Users linked to your Company's Account;
  2. our related companies such as our subsidiaries and holding company (if any);
  3. our lawyers, auditors and professional advisors;
  4. service providers who provide services to us (including marketing, email delivery services, analytics and search engine providers, website hosting, web design, maintenance, database hosting, data analysis, IT services, payment processing, customer service, infrastructure provision, logistics, storage, auditing services and other similar services), or to which we may outsource one or more aspects of our business;
  5. third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any liquidation or similar proceedings, and/or to an acquirer of our business or assets or any part thereof);
  6. our partners and investors or potential partners and investors and other parties with a view to a potential business partnership, collaboration, joint venture or otherwise in furtherance of our business;
  7. Advertising. To the extent permitted by applicable law, we may share personal information with third parties for marketing, advertising, promotions, contests, or other similar purposes;
  8. Law Enforcement and National Security. We may share personal information with legal, governmental, or judicial authorities, as instructed or required by those authorities or applicable laws, or to comply with any law or directive, judicial or administrative order, legal process or investigation, warrant, subpoena, government request, regulatory request, law enforcement or national security investigation, or as otherwise required or authorized by law.

We will only share your Personal Data with such third parties to the extent that this is necessary for us to perform our services for you and/or for them to perform their services for us.

International data transfers. To deliver services to you, it is sometimes necessary for us to transfer your Personal Data out of your country of residence, for example:

  1. to our offices outside your country of residence (Singapore and the United States of America);
  2. to our service providers located outside your country of residence;
  3. if you are based outside the country where we are located; and/or
  4. where there is an international dimension to the services we are providing to you.

Where we transfer your Personal Data to countries outside of your country of residence, we will do so in accordance with applicable laws, including (where transfers are made outside of Singapore) taking steps to ensure that your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the Singapore Personal Data Protection Act 2012 (No. 26 of 2012) and the EU General Data Protection Regulation (GDPR).

You acknowledge and specifically consent to your Personal Data being transferred to and stored in our offices in Singapore and the United States of America, and the locations where our service providers store and process your Personal Data, as identified in this Privacy Policy.

3. Cookies

We use cookies and similar technologies to enhance your experience on our Website. A cookie is a small data file stored on your computer or mobile device. For detailed information about the cookies we use, the purposes for which we use them, the third parties that set cookies, and how you can manage or disable cookies, please refer to our Cookie Policy.

3.1 Non-Personal Data. When you access and/or use the Website and/or Service, we may collect, use, disclose, retain and otherwise process (or our systems may automatically collect, use, disclose, retain and process) directly or through third-party services and applications:

  1. log data, including your unique user device number, the IP address of your computer or device, information about your computer or mobile internet browser type and version, computer or device operating system, the dates and times of your access to and/or use of the Website and/or Service, the number and frequency of visitors to the Website, the URL that you just came from and the URL you next go to (whether these URLs are on the Website and/or Service or not);
  2. session and usage data about your access to and/or use of the Website and/or Service, including connection and service-related data such as information relating to the connection request, server communication and data sharing, network measurements, quality of service and date, time and location of usage; and/or
  3. aggregate information about the access to and/or use of the Website and/or Service (which may contain log data and session and usage data) in respect of a group or category of services or users but which contains no personally identifiable information about the users (collectively "Non-Personal Data").

For the avoidance of doubt, "Non-Personal Data" is information that does not identify you or any other individual and does not include Personal Data.
We may use Non-Personal Data for any purpose, including:

  1. for our own internal business purposes;
  2. to measure traffic patterns;
  3. for the purpose of system administration;
  4. to enable us to analyze, research and track access to and/or usage of the Website and/or Service (including conducting internal research on user demographics, interests, behavior and trends among users);
  5. to provide, improve and modify the Website and/or Service;
  6. to improve our algorithms, measure Website and/or Service access and/or usage, publish summaries online or offline, develop new features such as recognizing popular activity routes, areas and places; and/or
  7. for promotion and marketing purposes.

4. Withdrawing Consent

The consent you provide for the collection, use and disclosure of your Personal Data will remain valid until it is withdrawn by you in writing. You may withdraw your consent and request that we stop collecting, using, disclosing, retaining and otherwise processing your Personal Data for any or all of the purposes listed above by submitting a request in writing to our Data Protection Officer at the contact details provided below. If you would like to stop receiving newsletters or other marketing or promotional messages, notifications, or updates, you may do so by following the unsubscribe instructions that appear in the e-mail communications or by going to our Unsubscribe Page.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue to provide access to and/or use of the Website and/or Service to you if you withdraw your consent to us collecting, using, disclosing, retaining or otherwise processing your Personal Data for certain purposes. In such circumstances, we will notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform our Data Protection Officer in writing at the contact details provided below.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within fourteen (14) business days of receiving it. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to accede to your request, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under applicable laws).
Notwithstanding that you may have withdrawn consent, you acknowledge we may continue to collect, use, disclose, retain or otherwise process your Personal Data where such collection, use, disclosure, retention or processing is permitted or required under applicable laws.

5. Data Rights

You may exercise the following rights, subject to limits, conditions, and exceptions under applicable laws. For further information on each of those rights, including the circumstances in which they apply and the limits, conditions and exceptions applicable to the exercise of such rights, please contact our Data Protection Officer.

5.1 Right to access to Personal Data. You have the right to access your Personal Data. You may access and download most of your Personal Data through the Account(s) you have with us. To request for a copy of your Personal Data that is not available on your Account(s), or for information about how we use or disclose your Personal Data, you may write to our Data Protection Officer.

5.2 Right to rectification and addition to Personal Data. You can correct, delete, or modify most of the Personal Data using the tools and settings under your Account(s).

5.3 Right to erasure. You have the right to request for the prompt erasure of your Personal Data if:

  1. it is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
  2. you withdraw your consent to the processing of Personal Data and there is no other legal ground for the processing;
  3. you object to the processing of your Personal Data and/or there are no overriding legitimate grounds for the processing;
  4. your Personal Data has been processed unlawfully;
  5. your Personal Data has to be erased for compliance with legal obligations under applicable laws; subject to certain conditions under applicable laws.

5.4 Right to restrict processing. You have the right to request that we restrict the processing of your Personal Data in certain situations (e.g. if you contest the accuracy of the Personal Data).

5.5 Right to portability of Personal Data. You have the right to obtain your Personal Data in a structured, commonly used, and machine-readable format and the right to provide such data to another controller provided that processing is carried out by automated means and based on the performance of an agreement between us or on your consent. Please note that under your Account(s), you can download a copy of some of your Personal Data.

5.6 Automated individual decision making. You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.

5.7 Right to file complaint with supervisory authority. You have the right to file a complaint with the relevant supervisory authority, i.e. the Office for Personal Data Protection in the European Union.

5.8 Right to object. You have the right to object at any time to the processing of your Personal Data for direct marketing purposes and in certain other situations to our continued processing of your Personal Data. You can opt-out of receiving or unsubscribe from any SMS, email or other marketing communications from us by using the unsubscribe facility that is provided with such SMS, email or other communication, or by writing in to our Data Protection Officer with your request. Please note that if you do opt-out of receiving marketing-related communications from us, we may still send you important legal or administrative messages and that you cannot opt-out of receiving such messages.
If you would like to exercise any of the above rights, please:

  1. inform our Data Protection Officer in writing at the contact details provided below; and
  2. provide our Data Protection Officer with enough information to identify you (e.g. your full name, email address, residential address, contact number, address and customer reference number);
  3. provide our Data Protection officer with proof of your identity (e.g. a copy of your driving license, passport or recent utility or credit card bill); and
  4. let our Data Protection Officer know what right you want to exercise and the information to which your request relates.

We will respond to your request as soon as reasonably possible. In general, we shall seek to process your request within fourteen (14) business days of receiving it. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under applicable laws).
Please note that a reasonable fee may be charged for requests that you make in connection with the above rights, where permitted under applicable laws. If so, we will inform you of the fee before processing your request.

6. Data Storage and Security

We use commercially reasonable security measures to protect your Personal Data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks. Specifically:

  1. Encryption in transit: all connections to our Website and services are encrypted using TLS (Transport Layer Security).
  2. Access controls: we limit access to your Personal Data to authorized employees, contractors and service providers who have a genuine business need to access it, using role-based access controls and the principle of least privilege. Those processing your information do so only in an authorized manner and are subject to a duty of confidentiality.
  3. Infrastructure security: our servers and data are hosted with reputable third-party infrastructure providers that maintain industry-standard physical, network and operational security controls.
  4. Security assessments: we conduct periodic security assessments, vulnerability scans and reviews of our data protection practices to identify and address potential risks.
  5. Incident response: we maintain incident response procedures to promptly detect, investigate and respond to any suspected data security incident. In the event of a data breach affecting your Personal Data, we will notify the relevant supervisory authorities and affected individuals as required by applicable laws.

7. Accuracy

We generally rely on Personal Data provided by you (or your authorized representative). In order to ensure that your Personal Data is current, complete and accurate, please update us if there are changes to your Personal Data by informing our Data Protection Officer or contacting us at the contact details provided below.

8. Retention of Your Personal Data

We will retain your Personal Data (including Personal Data from closed Accounts) for as long as is necessary to fulfil the purpose(s) for which it was collected, as required or permitted by applicable laws (including to satisfy legal, regulatory, accounting or other regulatory requirements) or as we deem necessary and relevant to protect our legitimate interests.
When it is reasonable for us to assume that retention of your Personal Data no longer serves the purpose for which the Personal Data was collected, and is no longer necessary for legal, regulatory, accounting or business purposes, we will cease to retain your Personal Data or remove the means by which the Personal Data can be associated with you.
We may use any aggregated data derived from or incorporating your Personal Data after you terminate your Account(s), but not in a manner that would identify you personally unless permitted by law.

9. Career Page and Apply for a Job with Esprow

If you browse or apply for a job in the careers portion of our website, your application, and any additional information that you provide may be used to assess your skills and interests against career opportunities at Esprow. Esprow may retain this information for reporting purposes that may be required by applicable law.

10. Children's Online Privacy Protection

Our Website and Service are not directed at children under the age of 16 (or under the age of 13 in jurisdictions where the Children's Online Privacy Protection Act, "COPPA", applies). We do not knowingly collect or solicit Personal Data from children under these ages, or knowingly allow such persons to register for an Account with us.
If you are a parent or guardian and you believe that your child has provided us with Personal Data without your consent, please contact our Data Protection Officer at the contact details provided below. If we become aware that we have collected Personal Data from a child without verification of parental consent, we will take steps to promptly delete that information from our servers.
If you are under the applicable minimum age, please do not attempt to register for an Account and/or use the Service, or provide us with any of your Personal Data.

11. Do Not Track

"Do Not Track" (DNT) is a privacy preference that users can set in certain web browsers. Our Website does not currently respond to DNT signals sent by web browsers. There is no universally accepted standard for how websites should respond to DNT signals, and we will continue to review developments in DNT technology and update our practices as standards evolve.
Regardless of your DNT setting, you can manage your cookie preferences and opt out of certain tracking technologies as described in our Cookie Policy.

12. Changes to the Privacy Policy

12.1 This Privacy Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your Personal Data by us.

12.2 We may revise this Privacy Policy from time to time in the exercise of our sole discretion. If we make a change to this Privacy Policy that we consider is material, we will notify you by one or more of the following methods:

  1. posting the revised Privacy Policy on the Website with the updated "Last updated" date;
  2. displaying the new terms on-screen when you next access and/or use the Service;
  3. sending you a notice via email to the address associated with your account, where applicable; and/or
  4. posting a prominent notice on our Website homepage.

12.3 Notwithstanding the foregoing, you agree that you are responsible for periodically reviewing this Privacy Policy for any changes and keeping yourself informed of the most up-to-date version of this Privacy Policy. You may determine if any such revision to this Privacy Policy has taken place by referring to the date on which this Privacy Policy was last updated.

12.4 If you do not agree to any revision to this Privacy Policy, you are to stop accessing and/or using the Website and/or Service immediately. Your continued use of the Website and/or Service after a change has been made will constitute your assent to and acceptance of the revised Privacy Policy.

13. Contact Us

Data Controller: Esprow Pte. Ltd.
UEN No.: 200804918D
Address: 100 Tras Street, #16-01, 100 AM, 079027, Singapore

For questions about this Privacy Policy or our processing of personal data, please contact our Data Protection Officer:
Data Protection Officer: Federico Lo Conte
Address: 100 Tras Street, #16-01, 100 AM, 079027, Singapore
E-mail: [email protected]

Notwithstanding that you may have opted out of communications, or your Account(s) with us have been terminated, and/or you have removed your billing information from your Account(s), you acknowledge that certain Personal Data may be retained by us for the purpose of complying with relevant laws.

This Privacy Policy is governed by the laws of the Republic of Singapore.