Privacy Policy


OctiFi respects your privacy and has adopted policies, procedures, and processes designed to protect your personal information from misuse, theft, or other loss in accordance with the Singapore Personal Data Protection Act (“PDPA”).

This privacy policy (the “Privacy Policy”) outlines how we will collect, use, store, share and protect your personal information when you transact with us.  You accept the Privacy Policy whenever you access or use OctiFi products, services, and technologies including the OctiFi mobile app and www.octifi.com (the “OctiFi Services”).  Please read this Privacy Policy carefully.

This Privacy Policy applies to personal information collected through the OctiFi Services, including personal information in the possession of third parties which we have engaged to collect, use, disclose or process for our purposes.  It does not apply to personal information that you reveal or post in any public forum on our website, websites that link to or from our website, or any other applications.  We do not control and are not responsible for the content, data protection, and privacy practices of third party websites or applications.

What type of information does OctiFi collect?

OctiFi collects two basic types of information from you in conjunction with your use of the OctiFi Services (collectively, your “personal information”): (1) personally identifiable information; and (2) non-personally identifiable information.

Personally identifiable information is any information that can identify you.

  • Examples include your name and identification information such as your NRIC number, contact information such as your address, email address or telephone number, nationality, gender, date of birth, marital status, employment information and financial information such as credit card numbers, debit card numbers or bank account information.
  • We may also collect personally identifiable information about you from third parties such as data vendors.
  • Aggregate and/or de-identified information is not considered personally identifiable information.

Non-personally identifiable information is information that does not identify you directly, but may be linkable to you.  Examples include demographic information and general location information.

How does OctiFi collect personal information?

We collect personal information about you through your interactions with or use of the OctiFi Services.  Example includes, but is not limited to, the following:

  • Emails, contact forms, questionnaires, and other forms you submit to us;
  • Account created and connected to the OctiFi Services;
  • Your applications, orders and transactions through the use of the OctiFi Services;
  • Your contact with our customer support team.

We may also receive personal information about you from third parties in the following circumstances:

  • Account created and connected to the OctiFi Services using the credentials of a third party site such as Google or Facebook;
  • Third parties engaged to investigate and/or collect debt from you as a result of a debt that you owe to us; and such third parties have collected personal information about you as part of their due diligence process.

Additionally, each time you use the OctiFi Services, our server may automatically collect certain types of non-personally identifiable information. Example includes, but is not limited to, the following:

  • Information about your Internet service provider, browser, operating system, and device;
  • Cookie information to recognise when you are visiting the website;
  • Data related to your location at the time of accessing the OctiFi Services;
  • Beacons to know if a certain page was visited, your activity on particular pages, how long you spend on a particular page or portion of a page, or whether an email was opened.

A cookie is a small piece of data stored on your computer by the web browser when you use the OctiFi Services.  We may also use web beacons and mobile application plug-ins, such as software development kits, application programming interfaces and similar technologies.  We use cookies to collect certain types of non-personally identifiable information to monitor traffic and improve the OctiFi Services.  We may also use these technologies to personalise your experience, deliver advertisements, and for research and marketing.  You may accept or decline cookies by modifying the settings in your browser, application or device, if the browser, application or device so permits.  Rejecting cookies may affect your ability to use some of the features offered by us.

We may use automated devices and applications to analyse information about visits to our website or mobile application.  We use these tools to help us improve our Site, performance and user experiences.  These entities may use cookies and other tracking technologies to perform their services.

How does OctiFi use the personal information we collect?

We may use your personal information to:

  • Provide the OctiFi Services requested by you;
  • Verify your identity and authenticate the information you provide to us;
  • Process payments and credit transactions;
  • Collect payments and/or fees;
  • Manage your relationship with us, including but not limited to: responding to, handling and processing queries, requests, applications, complaints, and feedback from you;
  • Send offers or promotions for the OctiFi Services;
  • Provide advertising, including advertising based on your use of the OctiFi Services or third-party websites;
  • Prevent and/or investigate potentially prohibited or illegal activities, such as fraud;
  • Conduct reasonable business activities not otherwise prohibited by laws such as audits, risk management, business reporting, service, quality control, statistical and trend analysis and other related or similar activities.

How does OctiFi share personal information?

We will only share your personal information with third parties as described in this Privacy Policy.

We may share your personally identifiable information with:

  • Service providers and affiliates who help with our business operations, including but not limited to, credit scoring, card processing, payment services, fraud prevention, administrative, marketing and technology services;
  • Credit bureaus and collection agencies, as permitted by law;
  • Merchants you order your goods or services from using the OctiFi Services;
  • Companies that we plan to merge with or be acquired by;
  • Third parties, including governmental authorities and law enforcement, to (i) protect or defend the legal rights, interests or property of OctiFi and any related entity of OctiFi; (ii) protect the safety and security of our customers or members of the public; (iii) protect against fraud; or (iv) comply with applicable law, subpoena or legal process;
  • Other third parties with your consent or at your direction to do so.

We will not share or sell any personally identifiable information about you to our affiliates or non-affiliated third parties for their marketing purposes unless you have provided consent.

We generally do not transfer your personal information to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal information continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

Can I opt out, restrict or withdraw my consent on personal information sharing?

Personally identifiable information: You may choose not to provide your personally identifiable information to us; however, you will not be able to participate in our instalment program in connection to the OctiFi Services.  You can still make payments to our merchants through the use of the OctiFi Services.

Opting out from our solicitations:  You may unsubscribe from our marketing emails, but we will still be permitted to contact you for servicing and account-related purposes by clicking the “Unsubscribe” link in the email footer.

Withdrawing your consent: The consent that you provide for the collection, use and disclosure of your personal information will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal information by submitting your request to our data protection officer at the contact details provided below.

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us.  In general, we shall seek to process your request within ten (10) business days of receiving it.

Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the same manner.

Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal information where such collection, use and disclose without consent is permitted or required under applicable laws.

How can I access and correct my personal information?

If you would like to request access to and/or correction of personal information that you provided to us, please contact us at support@octifi.com.

We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal information or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

How does OctiFi protect your personal information?

We use reasonable technical, administrative, and physical safeguards to secure your personal information in accordance with the PDPA.

We take steps to protect the confidentiality of personally identifiable information, and prohibit the unlawful disclosure of such information.  We limit access to such personally identifiable information to authorised persons on a confidential and need-to-know basis.

In respect of your payment card data, we do not store your card details in our systems.  We authorise and process your future charges using card processors that comply with strict industry standards.

Please be aware that despite our efforts, no data security measures can guarantee 100% security, that there is always some risk involved in transferring data over the internet, particularly if you send personal information to us through an unsecured means, such as email.  

You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private.  We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

Accuracy of Personal Information

We generally rely on personal information provided by you.  In order to ensure that your personal information is current, complete and accurate, please update us with any changes by informing our data protection officer at the contact details provided below.

Retention of Personal Information

We may retain your personal information for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

We will cease to retain your personal information, or remove the means by which the data can be associated with you as soon as is no longer necessary for legal or business purposes.

Children under 18

We do not knowingly solicit or collect personally identifiable information about children under the age of 18. The OctiFi Services are not designed for or directed to children under the age of 18. If we become aware that a child under the age of 18 has provided personally identifiable information to us, we will delete the information from our records. If you become aware of any personally identifiable information we collected from children under 18, please contact our data protection officer at the contact details provided below.

Governing Law and Notice to Non-Singapore Users

The OctiFi Services are directed to individuals located in Singapore, and our policies are directed at compliance with those laws.  If you are located outside of Singapore, you should NOT submit personal information to OctiFi.  If you voluntarily submit personal information to us, you thereby agree to the application of Singapore law and consent to the use and disclosure of your information consistent with this Privacy Policy.

Changes and revisions to this Privacy Policy

By accessing the OctiFi Services, you acknowledge that we have the right to revise and amend this Privacy Policy.  We will post any changes to this Privacy Policy here so that you will always be aware of our privacy practices.  Please refer back to this Privacy Policy regularly.  Your continued use of the OctiFi Services following our posting of any such changes will mean that you accept such changes.

Contact Us

Should you have any questions regarding this Privacy Policy, please contact our data protection officer by email at privacy@octifi.com.

Last Updated:  11/02/2020